Work in Washington Veterans Jobs

Job Information

TrueBlue/PeopleReady Senior Technology GRC Analyst in Tacoma, Washington

TrueBlue, the people company, has an opening for a Senior Technology GRC Analyst who is primarily responsible for IT compliance activities to ensure the proactive management, adherence, identification, and remediation of internal controls or standards that meet or exceed defined compliance, operational, and regulatory requirements. This role will both lead and support the technical and operational delivery aspects of the IT controls testing process for Internal Control over Financial Reporting (ICFR or SOX), and non-SOX compliance programs. This role will assist in the performance of compliance risk assessments across TrueBlue, enterprise IT, vendors, and third parties as identified. This role is 100% remote and can be located anywhere within the United States.

RESPONSIBILITIES:

Design and execute tests of operating effectiveness for IT systems and internal controls; assist with required remediation related to SOX and non-SOX IT controls.
Support the continual compliance monitoring processes for IT delivery services currently in place to identify regulatory and internal variances, including log reviews, organization and role transitions and training, as well as assessment of appropriate metrics for IT delivery processes.
Identify and communicate potential control deficiencies, risk areas with insufficient mitigation, and opportunities for process improvements.
Design enhancements for internal controls such as segregation of duties, production change management, software/change management, security, incident handling, and data integrity.
Review, document, evaluate, and test manual and automated computer controls throughout the enterprise IT environment, including servers, applications, middleware, and user interface/desktop management.
Manage and facilitate the control self-testing process through audit trail management using ServiceNow's ticket management, GRC, and asset management solutions suite as well as other applications as necessary.
Support and oversee the execution of quarterly IT Compliance tasks such as user access reviews and control certifications.
Manage and report on each phase of the annual SOX audit from planning through to completion.
Support the leadership in compiling, drafting, developing, and delivering input on all aspects relevant to compliance scan results, processes, and associated policy documentation.
Partner with peers and customers to make a technology culture one that is "audit ready."
Deliver periodic compliance and IT ethics education.
Seamlessly interface and have relationships with both IT Operations and Delivery staff as well as both internal and external audit.
Manage multiple relationships with clients, co-workers, and leadership to gain trust and foster collaboration.

CORE KNOWLEDGE & SKILLS:

Understand how to conduct system log reviews, identify and track anomalies in the data and track them to remediation.
Working knowledge of compliance and audit functions related to SOX, ITIL, PCI and COBIT, COSO, ISO and NIST security frameworks.
Demonstrated ability to lead both projects and resources to complete activities on-time, on-budget and to scope.
Demonstrated experience with automation tools, lean processing, eliminating single-source risk areas, and manual reliance.
Knowledge of risk identification and categorization based on best practices in IT enterprise risk management.
Ability to research, identify, and present solutions for enhancing IT governance and compliance.
Ability to document and develop process models with control definitions and artifact requirements for IT delivery processing.
Knowledge of data analytics reporting as well as ServiceNow application suite solutions.
Knowledge of GRC tools for control automation.
Experience in managing activities, projects and programs on-time, on-budget and to scope.
Excellent written and verbal communication skills.
Work experience in a com