Senior IT Compliance Analyst

We are hiring a highly skilled and experienced Sr IT Governance, Risk, and Compliance (GRC) Analyst to join our growing team. This work requires a talented individual to shape the effectiveness, adequacy, and efficiency of our information security programs and to foster a culture of security and trust throughout the enterprise.

What You Will Be Doing:

• Lead the development, execution, and improvement of GRC, privacy, and customer trust programs with minimal oversight. Continuously assess effectiveness, adequacy and efficiency of controls.
• Coordinate and collaborate with entities responsible for information security including IT security teams, internal and external auditors, control owners, and third parties to: Communicate policies, standards, procedures, and baselines. Manage risk through enterprise-wide risk assessments. Track vulnerabilities through resolution. Ensure compliance with internal and external policies, controls, and regulations. Drive efficiency through automation and elimination of irrelevant work.
• Lead efforts related to security program governance such as updating, developing, and performing annual reviews of corporate security policies, procedures, and standards.
• Serve as the primary liaison for internal and external security and privacy audits, including SOX, PCI, and HIPAA, ensuring timely resolution of compliance issues.
• Partner with leadership to scale security and compliance functions in a global enterprise environment and drive risk resolution.
• Deliver consistent reports to leadership on audit outcomes, emerging trends, and compliance risks. Monitor and report on the effectiveness of the security program using data-driven metrics.
• Work with control owners and application teams to identify root cause of deficiencies and develop appropriate remediation plans.
• Drive automation efforts and continuous improvement projects to boost efficiency of audit processes.

• Because this position may be entrusted with sensitive information and must establish trust and credibility with stakeholders to accomplish their objectives, candidates must maintain the highest ethical standards and integrity in their actions.

Who You Are:

Minimum Qualifications

• 5+ years of experience in GRC, IT Audit, Risk Management, or IT Compliance, to include data privacy, and customer trust or relevant professional experience.
• Experience with several of the following: SOX, PCI, HIPAA, GDPR, CMMC, COBIT, ITGC, SOC2, ISO27001
• Experience coordinating external audits. Big 4 experience preferred.
• Working knowledge of one or more GRC platforms (OneTrust, ServiceNow GRC, Archer, Audit board, etc.)

Preferred Qualifications

• 4-year degree preferred
• Industry recognized certifications (e.g. CISA, CRISC) strongly preferred.
• Programming abilities in Python or similar languages, as well as experience with query languages such as SQL preferred.
• Strong technical understanding of both legacy and modern IT systems.
• Experience managing compliance in hybrid cloud environments a plus.

Wellbeing Means so Much More than Benefits:

• Nurse and massage therapist onsite for employees
• Cell phone reimbursement monthly
• Employee assistance program, providing free counseling, financial resilience, and legal guidance
• Ongoing learning through Linkedin Learning

Who We Are:

Steelcase is a global design and thought leader in the world of work. Along with our expansive community of brands, we design and manufacture innovative furnishings and solutions to help people do their best work in the many places where work happens.

Why People Choose to Work with Us: At Steelcase, we put people at the center of everything we do. We understand the role of work and believe that it can bring meaning and purpose to the lives of our customers and our employees. We prioritize supporting our employees both in and out of work, in all aspects of their lives. When we bring our talents together, we make a positive lasting impact through our work and communities.

What Matters to Us:

More than qualifications, we're looking for talent and potential. We are proud to have a diverse and inclusive workforce, and we're always looking to improve our global community. We value applicants who are comfortable interacting with people different from themselves, building mutual respect and positive relationships. We invite people from all backgrounds and genders to apply. If we can make the application process easier through accommodation, please email us at myhr@steelcase.com.

Steelcase provides employment opportunities to all qualified employees and applicants without regard to race, color, creed, genetic information, religion, national origin, gender, sexual orientation, gender identity and expression, age, disability, and bases all employment decisions only on valid job requirements. We are proud to be recognized for our inclusive workforce by the Corporate Equality Index for the past nine years.

The annual base salary range for this position is $88,500-$138,300. Please note that the salary information is a general guideline only. Steelcase considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer.