IT GRC Analyst III

Republic Services is a leader in Environmental Services, partnering with customers to create a more sustainable world.

We are Sustainability in Action - our promise to be environmentally responsible and to help our customers be environmentally responsible too.

Why choose Republic?

Joining Republic isn't just about taking on a new job, it's about making a commitment to create a more sustainable world together. Our people provide an essential service, serving and impacting customers, neighborhoods, and communities everywhere.

As a company, we are proud of our values and encourage those who share in our aspirations to join our team:

• We protect our colleagues and communities through safe practices everywhere, every day.
• We are committed to serving our customers and communities by going above and beyond to exceed expectations.
• We take action to improve neighborhoods and communities by being environmentally responsible and creating a more sustainable world.
• We are driven to deliver results in the right way.
• We encourage a human centered culture that honors the unique potential and dignity of every person.

POSITION SUMMARY: The IT Risk and Compliance Analyst collaborates with Internal Audit and IT teams to deliver IT Risk and Compliance services. The Analyst assists with the evaluation and rationalization of IT controls in the context of SOX IT Audit, PCI and Privacy requirements; and performs enterprise cyber and technology risk assessments.

PRINCIPAL RESPONSIBILITIES:

• Evaluation of IT controls to reduce the impact of internal and external IT audits.
• Controls rationalization to simplify the IT control environment.
• Evaluate/interpret SOX IT Audit, PCI DSS and Privacy requirements and provide guidance to process and control owners on the objective / intent of the requirements.
• Assist project teams to evaluate IT Risk and Compliance considerations for projects.
• Assist with enterprise cyber and technology risk assessments.
• Collaborate with business units to deliver enterprise risk assessment results; and identify solutions to minimize risk exposure.
• Performs other job-related duties as assigned.

QUALIFICATIONS:

• Bachelor's Degree in Information Security, Accounting and Information Systems, IT Risk Management.
• Big 4 experience in the IT Audit and Advisory domain.
• Experience with GRC tools and policy / procedure development.
• Certifications: Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), GIAC Critical Controls Certification (GCCC), or GIAC Security Essentials (GSEC).
• Intermediate to advanced proficiency in the use of Microsoft Office products, including Word, Excel and PowerPoint.
• Strong technical, analytical and problem solving skills.
• Strong communication skills to effectively interact with internal and external partners on all levels to resolve issues and provide solutions in a timely manner.

MINIMUM REQUIREMENTS:

• Minimum of 4 years of experience in IT Audit, IT Risk Management or IT Compliance.
• Prior exposure to, and experience with, SOX IT Audit, PCI DSS v3.1 and Privacy regulations.

Rewarding Compensation and Benefits

Eligible employees can elect to participate in:• Comprehensive medical benefits coverage, dental plans and vision coverage.• Health care and dependent care spending accounts. • Short- and long-term disability.• Life insurance and accidental death & dismemberment insurance.• Employee and Family Assistance Program (EAP).• Employee discount programs.• 401(k) plan with a generous company match.• Employee Stock Purchase Plan (ESPP).

The statements used herein are intended to describe the general nature and level of the work being performed by an employee in this position, and are not intended to be construed as an exhaustive list of responsibilities, duties and skills required by an incumbent so classified. Furthermore, they do not establish a contract for employment and are subject to change at the discretion of the Company.

Republic Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, protected veteran status, relationship or association with a protected veteran (spouses or other family members), genetic information, or any other characteristic protected by applicable law.