NEW JOB OPENING
AUDIT COMPLIANCE ANALYST
IN Richmond, VA, USA!

Audit Compliance Analyst



Required Education:

• Bachelor’s degree in information technology, Computer Science, or a related field preferred (In lieu of a degree, demonstrated IT or cybersecurity experience will be considered)



Required Qualifications:

• Demonstrated understanding of cybersecurity risks, controls, and industry frameworks (e.g., NIST SP 800 53, NIST Cybersecurity Framework, ISO/IEC 27001)

• At least 3 years’ experience with ServiceNow GRC/IRM and ideally ServiceNow ITSM modules

• Practical experience applying governance, risk, and compliance (GRC) principles

• Familiarity with governance tools such as the Unified Control Framework (UCF) and SIG

• Strong collaboration, interpersonal, and communication skills, with the ability to work effectively across technical and non-technical stakeholders

• Understanding of project management principles and the Software Development Lifecycle (SDLC)

• Strong written and verbal communication skills with a focus on clarity, quality, and professionalism

• Demonstrated commitment to continuous improvement and process optimization



Responsibilities:

• Coordinate and administer the ServiceNow Policy and Compliance modules, ensuring accurate configuration, maintenance, and effective day to day operation

• Manage and monitor ServiceNow ITSM oversight ticket queues, ensuring timely intake, triage, tracking, and resolution of catalog, policy, and compliance related requests

• Collaborate with Information Security, Risk, Compliance, Legal, Audit, IT, and business stakeholders to support enterprise policy and compliance initiatives

• Operationalize and automate policy and compliance lifecycle activities, including policy management, reviews, attestations, continuous monitoring, and control testing

• Reduce manual effort through automation, standardization, and improved workflows for evidence collection and control validation

• Support a “test once, satisfy many” methodology to streamline compliance efforts across multiple regulatory, audit, and assurance requirements

• Implement and maintain continuous monitoring activities to identify policy or control violations and support timely response and remediation

• Develop, maintain, and communicate policy and compliance metrics through dashboards and reports for leadership and key stakeholders

• Coordinate information and evidence across the organization to support audits, assessments, regulatory inquiries, and internal reviews

• Manage competing priorities, short turnaround requests, and tight deadlines while maintaining high quality, accuracy, and attention to detail

• Create and maintain standard operating procedures, job aids, and other required documentation

• Identify opportunities for process improvement and efficiency and support the implementation of enhancements

• Work independently while collaborating closely with team members, application owners, contractors, and business partners

• Operate effectively in a distributed, virtual team environment

• Maintain a working knowledge of information security policies, standards, and regulatory requirements

• Demonstrates the ability to independently execute assigned responsibilities with minimal supervision, managing day to day operational tasks, exercising sound judgment, and escalating issues as appropriate.

• Accountable for end to end execution within a defined scope.

• This is a hands on, execution focused role with direct responsibility for operational delivery

• **Only those lawfully authorized to work in the designated country associated with the position will be considered.**

• **Please note that all Position start dates and duration are estimates and may be reduced or lengthened based upon a client’s business needs and requirements.**