×
Register Here to Apply for Jobs or Post Jobs. X

Analyst, IT Audit and Compliance

Job in Santa Ana, Orange County, California, 92725, USA
Listing for: Foundation Building Materials
Full Time position
Listed on 2026-07-14
Job specializations:
  • IT/Tech
    Cybersecurity, IT Business Analyst, Information Security
Salary/Wage Range or Industry Benchmark: 76000 - 105000 USD Yearly USD 76000.00 105000.00 YEAR
Job Description & How to Apply Below

About Us

Company Overview

Foundation Building Materials (FBM) is a leading construction materials distribution company serving the commercial and residential construction markets across United States and Canada. In conjunction with Unified Door & Hardware Group (UDHG), a premier provider of commercial door, frame, and hardware solutions, FBM supports a broad range of construction and architectural projects nationwide.

Together, FBM and UDHG’s 8,000+ Team Members are committed to operational excellence, innovation, and employee development. By combining scale, specialty expertise, and a customer-first mindset, we deliver high-quality products and services to contractors, builders, and project teams across diverse markets. As the organization continues to grow and evolve following the recent acquisition by Lowe’s, we are investing in strong, forward-thinking talent to support our long‑term success.

Overview

Position Overview

The Analyst, IT Audit and Compliance, is responsible for handling IT audit, risk assessment, and compliance program work. This role ensures that IT systems, processes, and controls comply with internal policies, industry standards, and regulatory requirements. This role will work closely with IT, security, finance, and business teams to strengthen internal controls, mitigate risks, and support strategic initiatives under the leadership of the Manager, IT Audit and Compliance.

Responsibilities

and Qualifications

Key Responsibilities

Audit & Risk Management

  • Support the planning and execution of IT audits to evaluate the design and effectiveness of internal controls, security measures, and operational processes.
  • Assist with testing and documentation of SOX controls within a publicly traded company environment to support compliance with financial and IT regulatory requirements.
  • Participate in risk assessments to identify gaps and vulnerabilities in IT systems and processes.
  • Support third‑party risk assessments of vendors in accordance with established frameworks such as NIST.
  • Assist in maintaining audit plans and supporting audit activities aligned with business priorities and regulatory changes.
  • Track and monitor remediation efforts from audit findings and assist in ensuring timely closure of action items.

Compliance & Governance

  • Support compliance activities related to regulatory requirements and frameworks, including SOX, NIST, and PCI.
  • Assist with PCI‑DSS 4.0 compliance efforts, including evidence collection and documentation related to scope reduction initiatives such as segmentation, iFrame, and P2PE.
  • Maintain IT compliance documentation, policies, procedures, and supporting materials to promote effective governance practices.
  • Collaborate with Legal, Finance, IT, and business stakeholders to support compliance initiatives across systems and processes.
  • Monitor regulatory updates and communicate relevant changes and potential impacts to the broader team.

Leadership & Collaboration

  • Support internal and external audit activities by coordinating requests, gathering documentation, and assisting with audit inquiries.
  • Assist with monitoring compliance risks through established internal controls and process improvement initiatives.
  • Coordinate with internal stakeholders and external auditors to support audit and compliance activities.

Continuous Improvement

  • Participate in initiatives to improve IT audit, risk management, and compliance processes and controls.
  • Partner with IT and Security teams to promote best practices in information security and data protection.
  • Assist with external audits, assessments, and compliance reviews conducted by auditors, regulators, and third‑party assessors.
  • Prepare reports, metrics, and documentation to support management visibility into audit and compliance activities.

Additional Responsibilities & Miscellaneous

  • Perform other duties as assigned to support IT Audit and Compliance objectives.

Qualifications

  • Bachelor's degree in Information Systems, Computer Science, Accounting, Cybersecurity, or a related field.
  • CISA, CISM, CISSP, CRISC, or similar certifications preferred but not required.
  • 1–3 years of experience in IT audit, compliance, cybersecurity, risk management, or related…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary