×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Business Analyst Data Security Information Security

Sr IT Governance Risk and Controls Analyst

Job in Tampa, Hillsborough County, Florida, 33646, USA
Listing for: Refresco Group
Full Time position
Listed on 2026-01-07
Job specializations:
  • IT/Tech
    Cybersecurity, IT Business Analyst, Data Security, Information Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below

Sr IT Governance Risk and Controls Analyst

Join to apply for the Sr IT Governance Risk and Controls Analyst role at Refresco

1 day ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Make a Difference in YOUR Career!
Our vision is both simple and ambitious: to put our drinks on every table.

Summary Description

This role is responsible for maintaining and improving our IT governance, risk, and compliance (GRC) program, with a focus on SOX compliance, application and data transfer controls, validating the completeness and accuracy of reports, third‑party risk management and disaster recovery.

Essential Job Functions

IT Risk Assessments:

  • Conduct comprehensive IT risk assessments, including identifying and analyzing potential threats and vulnerabilities across applications, infrastructure, and data.
  • Develop and maintain risk registers, documenting identified risks, their potential impact, and mitigation strategies.
  • Collaborate with IT and business stakeholders to prioritize and remediate identified risks.
  • Assess impact of IT changes to policies, risks, controls, and governance process (including but not limited to disaster recovery, RCM).

SOX Compliance:

  • Maintain and update the Risk and Control Matrix.
  • Evaluate the design and monitor the execution of management's SOX controls.
  • Participate in business process walkthroughs to identify application controls, reports and ITGC dependencies/risks.
  • Review SOC reports and map control deficiencies to relevant IT risks.
  • Ensure all control evidence of operating effectiveness is maintained timely, with appropriate detail for all IT controls; own the development, reporting and completion of control remediation plans.

Application and Data Transfer Controls, Report Validation:

  • Identify the application controls, interfaces/batch jobs and reports key to supporting SOX business processes.
  • Evaluate the design and effectiveness of application controls.
  • Evaluate the design and effectiveness of controls intended to mitigate data transfer errors/incompleteness.
  • Evaluate the design (completeness and accuracy) of reports used for key controls.

Third‑Party

Risk Management:

  • Support the implementation of a third‑party risk management program.
  • Monitor and manage risks associated with third‑party relationships.

Disaster Recovery:

  • Develop, maintain and test the IT disaster recovery plan, inclusive of supporting audits and requests for understanding and evidence by 3rd parties.

Cyber Security:

  • Perform cyber security posture evaluations.
  • Design and execute strategies to evaluate the ICFR impact of cyber security incidents.
  • Draft the appropriate disclosures regarding cyber security posture and cyber incidents and response as necessary.

Ongoing Regulatory Compliance:

  • Ensure compliance with relevant regulations and industry standards (e.g., SOX, NIST).
  • Assist with internal and external audits.
Required

Skills and Qualifications
  • Advanced knowledge of SOX controls and compliance; experience implementing or improving SOX.
  • Strong drive and organizational skills inclusive of project and program management.
  • Ability to proactively, productively manage diverse stakeholder groups.
  • Excellent accounting and analytical skills.
  • Technical expertise in ERP system design and operation.
  • In‑depth knowledge of IT governance frameworks (e.g., COBIT, ITIL) and risk management methodologies.
  • Excellent interpersonal and communication skills, verbal and written.
  • Strong understanding of SOX requirements and IT general controls (ITGCs).
  • Ability to analyze and solve problems, results oriented.
  • Able to prioritize work, and determine when necessary to switch priorities.
  • Experience evaluating / governing SAP ITGCs.
Education and Experience
  • Undergraduate degree in Accounting, Information Technology, Computer Science or related technical degree required.
  • Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) designation required (two or more preferred).
  • 3+ years relevant work experience in public accounting or 4+ years industry required.
  • 2+ years working with SOX in the IT domain with or for a…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search