**About Us** **Since 1989, SHI International Corp. has helped organizations change the world through technology. We’ve grown every year since, and today we’re proud to be a $15 billion global provider of IT solutions and services.** **Over 17,000 organizations worldwide rely on SHI’s concierge approach to help them solve what’s next.** **But the heartbeat of SHI is our employees – all 6,000 of them.** **If you join our team, you’ll enjoy:** + **Our commitment to diversity, as the largest minority- and woman-owned enterprise in the U.S.** + **Continuous professional growth and leadership opportunities.** + **Health, wellness, and financial benefits to offer peace of mind to you and your family.** + **World-class facilities and the technology you need to thrive – in our offices or yours.** **Job Summary** This role you will work closely with other members to assess and validate IT security controls and compliance with applicable standards, requirements, and policies. This should include Business Continuity Planning and Disaster Recovery Testing. The Controls Analysts will also support projects across IT as needed and partner with leadership to develop templates and documentation for processes and procedures. This role will provide advisory support and recommendations on how to remediate potential risks to meet control objectives and compliance requirements. **Role Description** + Manage controls assessments, including kickoff, submission of deliverables, final report, and executive briefing. + Conduct audits of controls to ensure controls are effective and identify areas for improvement. + Lead assessment interviews, audits, testing, and coordinate evidence requests. + Review Manager Action Plans and ensure identified process changes are well-controlled and effectively address audit concerns. + Establish policies and procedures based on industry standards and compliance objectives. + Ensure audits are executed on time and that proper documentation is developed, archived, and shared with all stakeholders. + Prepare metrics and reports for management on the status of all deliverables, key metrics, and audits. + Participate in projects providing guidance, requirements, and documentation as needed. + Evaluate, document, and maintain standards, processes, and procedures relative to all department policies, procedures, and metrics. + Provide insightful recommendations to improve process and policy controls across IT. + Provide content input on policies, standards, and procedures. + Liaisons with other functions: Foster and manage productive relationships with IT Teams, Risk and Resilience, Legal, and Internal Audit. + Assist IT teams and process owners with assessing compliance to control requirements, self-assessing control design and performance, and inspecting evidence of control design and operation. + Assist IT teams with the development of control policies and procedures. **Behaviors and Competencies** + Critical Thinking: Can analyze and interpret data to inform decision-making, and propose solutions based on logical reasoning. + Communication: Can effectively communicate complex ideas and information, and can adapt communication style to the audience. + Following Instructions: Can accurately interpret instructions, identify potential issues, and execute tasks without requiring constant supervision. + Follow-Up: Can independently track and follow up on tasks without requiring reminders, ensuring responsibilities are fulfilled. + Collaboration: Can actively participate in team discussions, respect differing opinions, and collaborate with others to achieve common goals. + Problem-Solving: Can identify problems, propose solutions, and take action to resolve them without explicit instructions. + Organization: Can prioritize daily tasks, manage personal workflow, and utilize basic tools to keep track of responsibilities. + Time Management: Can generally use time effectively and is working towards improving task prioritization and deadline management. + Analytical Thinking: Can apply critical thinking to analyze data, identify patterns, and make basic inferences. + Detail-Oriented: Can identify errors or inconsistencies in work and make necessary corrections. **Skill Level Requirements** + Ability to assess and validate IT security controls and compliance with industry standards, regulatory requirements, and internal policies – Intermediate + Ability to manage and execute control assessments, including audits, evidence collection, and reporting on findings and metrics – Intermediate + Ability to develop, document, and improve IT processes, procedures, and templates to support compliance objectives – Intermediate + Ability to analyze audit results, identify risks, and provide actionable recommendations to improve controls and address compliance gaps – Intermediate + Ability to collaborate across IT, Legal, and Audit teams, building strong working relationships and clearly communicating technical information to diverse audiences – Intermediate **Other Requirements** + Bachelor’s degree in engineering, MIS, or equivalent degree. + 5-7 years of experience in Business Controls, Audit, or Security + Minimum 2 years of audit experience. **Preferred:** + Security certification, such as CISA, CISM, and CISSP. + Project Management experience . The estimated annual pay range for this position is $70,000 - $90,000. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity – M/F/Disability/Protected Veteran Status