IT Compliance & Security Analyst

Job

3022027

IT Compliance & Security Analyst

Hybrid – 4 days/week onsite

Long-Term Contract

The IT Compliance and Information Security Analyst is responsible for providing oversight of IT compliance, regulatory requirements, information security, and controls across our technology organization. This role supports application teams to ensure digital infrastructure and applications remain secure, resilient, and compliant with internal standards and industry regulations.

As a key contributor to the Second Line of Defense, the analyst supports IT risk assessments, identifies control gaps, and partners with teams to implement remediation actions. The position also provides support for internal and external audits, working closely with business partners to identify, assess, and manage IT‑related risks.

Our technology organization is undergoing a significant transformation, offering a unique opportunity to influence the evolution of our security, compliance, and regulatory practices.

• Partner with Application Teams to implement and manage IT controls
• Provide security and control consulting to application teams
• Support internal audit and third‑party audit activities
• Assist Credit Internal Controls with IT‑related controls and deficiency remediation
• Manage audit findings and comments, including development and sustainability of Control Improvement Plans
• Conduct reviews of IT-related audit comments
• Support application teams with detailed risk assessments and threat modeling
• Assist Vendor Management and Business Owners with due‑diligence activities for supplier onboarding
• Support Privacy and Compliance attorneys with IT‑related regulatory requirements
• Monitor the GCP Security Command Center to maintain visibility into cloud compliance posture
• Support third‑party consulting engagements
• Maintain accurate JIRA user stories and backlog items
• Help ensure compliance with financial industry standards

• Strong knowledge of industry‑standard IT controls and security best practices
• Understanding of corporate policies (Information Security Policy, Finance Manual, Corporate Directives, etc.)
• Ability to assess risks and implement effective mitigating controls
• Knowledge of risk management principles including assessment, mitigation, and reporting
• Strong leadership skills with a results‑oriented mindset
• Continuous improvement mentality for controls and processes
• High level of integrity and willingness to advocate for correct actions
• Strong written and verbal communication skills
• Ability to draft and update security procedures as threats evolve
• Excellent interpersonal, collaborative, and team‑building skills
• Ability to work independently and manage multiple priorities

• 5+ years of progressive experience in information security, IT risk, compliance, or audit within a financial services or regulated environment
• 2+ years of IT audit experience
• Proven track record in IT security and controls with a strong controls mindset
• Experience in the financial services sector and familiarity with regulatory frameworks
• Understanding of Large Language Models (LLMs) and opportunities to apply AI within the compliance lifecycle
• Industry certifications preferred (e.g., CISA, CRISC, CISM, CISSP)

• Bachelor’s degree in Information Security, Computer Science, Information Systems, Finance, or a related field

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law.

Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at  or .