IT Controls and Governance Analyst
14434 Medical Complex Dr #100 Tomball, TX 77377 US
Job Description
Salary + Additional Benefits:
- $117,000-$125,000
- Medical, Dental, Vision Insurance
- 401K - company match
Location: Tomball, TX
Type of Position: Direct Hire
Responsibilities:
- IT Controls Monitoring & Compliance
  - Design, implement, and monitor IT control processes across a variety of systems.
  - Assess the effectiveness of IT controls, ensuring they align with frameworks such as SOX, COBIT, and ISO 27001.
  - Regularly test IT controls to identify deficiencies, gaps, or areas for optimization and improvement.
  - Support the development and execution of remediation plans, ensuring timely follow-up on control deficiencies.
- Governance Framework Support
  - Assist in developing and updating IT governance policies, procedures, and standards to reflect evolving business needs and regulatory requirements.
  - Collaborate with internal teams to ensure the successful execution of governance activities.
  - Participate in efforts to embed governance frameworks (e.g., SOX, GDPR, NIST) into daily IT operations across the organization.
- Risk Management
  - Contribute to identifying, assessing, and managing IT-related risks, particularly those affecting data privacy, security, and operational processes.
  - Help maintain the IT risk register, ensuring it is up-to-date and responsive to emerging threats.
  - Support audit readiness by gathering evidence, managing audit requests, and coordinating remediation efforts based on audit findings.
- Collaboration & Stakeholder Engagement
  - Serve as the primary point of contact for third-party service providers involved in IT-related audits and reviews, ensuring expectations, objectives, and timelines are met.
  - Work closely with IT, Legal, and other business teams to support the implementation of governance and control frameworks.
  - Act as a liaison between IT and external auditors during regulatory reviews to ensure smooth communication and alignment.
  - Provide guidance and training to IT teams on governance practices and control requirements to enhance compliance.
- Documentation & Reporting
  - Maintain organized documentation of IT control activities, risk assessments, and governance reviews.
  - Prepare reports for leadership and stakeholders on the status of IT controls, risk mitigation efforts, audit results, and action plans.
  - Communicate governance initiatives and compliance updates to relevant teams and departments.
- Continuous Improvement
  - Contribute to the ongoing refinement and improvement of IT governance and controls.
  - Stay informed on emerging IT trends, best practices, and regulatory changes to ensure the organization remains compliant and proactive in its governance strategy.
  - Recommend process improvements to enhance the efficiency and effectiveness of governance, risk, and control functions.
Requirements:
- Bachelor’s degree in Information Technology, Information Systems, Cybersecurity, Business Administration, or a related field
- 2-4 years of experience in IT audit, governance, risk management, or related fields
- Familiarity with frameworks like SOX, COBIT, ISO 27001, NIST, or other relevant control frameworks
- Experience working with IT governance in a highly regulated or public company environment is preferred but not required
- Solid understanding of IT governance, risk management, and compliance (GRC) principles
- Ability to conduct IT control assessments, audits, and reviews in a structured and thorough manner
- Strong written and verbal communication skills, with the ability to present findings clearly to both technical and non-technical audiences
- Analytical mindset with a strong attention to detail, capable of identifying trends, risks, and areas for improvement
- Ability to collaborate effectively across teams and manage multiple priorities in a fast-paced environment
- Familiarity with cloud-based infrastructure and associated governance and control measures is desirable
- Experience with audit preparation and remediation in public or regulated industries preferred
- Professional certifications such as CISA, CRISC, CGEIT, or ITIL are a plus
Due to the high volume of applications we typically receive, we regret that we are not able to personally respond to all applications. However, if you are invited to take the next step in the process, you will typically be contacted within one week of submitting your application.
Meet Your Recruiter
Saxon Huckell
Associate Search Director - Murray Technical
Specializing in matching talent with exciting opportunities in Engineering, Technical Sales, Manufacturing, Operations, Project Management, Supply Chain, and IT.