Requirements:
- 5+ years of experience in Security GRC, IT Audit, or a related field, with a strong focus on SOX compliance and IT General Controls (ITGCs) in a retail environment.
- Big 4 IT Audit experience or similar is required, with demonstrated expertise in evaluating and testing ITGCs and application controls supporting financial reporting.
- Deep understanding of SOX Section 404 requirements, including risk assessment, control design, and effectiveness testing.
- Experience working with internal and external auditors, including managing walkthroughs, evidence collection, and audit issue resolution.
- Strong knowledge of ITGC domains such as access controls, change management, IT operations, and system development lifecycle (SDLC).
- Familiarity with retail-specific systems (e.g., Oracle EBS, Retail Management Systems, Order Management Systems, Warehouse Management Systems) and how they intersect with SOX compliance.
- Experience with cloud platforms (e.g., AWS, Azure), SaaS applications, and their implications for SOX controls.
- Proficiency in using GRC tools like ServiceNow to streamline audit workflows and evidence management.
- Proven ability to drive remediation efforts, track control deficiencies, and support control owners in implementing sustainable solutions.
- Strong communication and stakeholder management skills, with the ability to influence cross-functional teams and align on compliance priorities.
- Demonstrated ability to work in a fast-paced, global retail environment, managing multiple priorities and time zones.
- Professional certifications such as CISA, CPA, or CIA are required.
Department: Preferred Vendors
This is a contract position.