[Remote] IT Risk and Compliance Analyst - 100% Remote
Note: This is a remote job open to candidates in the USA. EPITEC is seeking an IT Risk and Compliance Analyst to support their IT Risk & Compliance Governance team. The role involves executing governance, risk, and compliance activities, developing reports, and contributing to process documentation while ensuring high-quality delivery.
Responsibilities
- Independently perform and support IT governance, risk, and compliance processes and services to ensure timely, accurate, and high-quality delivery
- Handle daily execution of assigned processes and services, identifying and resolving most tactical challenges with guidance as needed
- Develop and maintain reports, metrics, and presentations; deliver content within a defined scope and audience
- Contribute to the creation and modification of internal Risk and Compliance process documentation
- Support the implementation and operation of IT governance policies, standards, and procedures
- Apply risk and compliance frameworks (e.g., ISO, NIST, COSO, PCI) to assigned activities with guidance from senior team members
- Identify control gaps, inefficiencies, and improvement opportunities within existing processes
- Communicate effectively with the engagement lead, team members, and process stakeholders to confirm requirements, timelines, and acceptance criteria
- Participate in cross-functional discussions to understand needs, clarify scope, and align on deliverables
- Establish and maintain productive working relationships within IT and across the business to support timely delivery
- Actively identify improvements to processes and lead assigned improvement activities with oversight
- Support the use and administration of GRC tools (ServiceNow) and platforms to drive efficiency and consistency
- Stay current on IT risk, compliance, and cybersecurity concepts, trends, and best practices
Skills
- 5-10 years of experience in IT risk, compliance, audit, or a related discipline
- Working knowledge of IT governance, risk management, and compliance concepts
- Experience using ServiceNow Integrated Risk Management (IRM)
- Familiarity with common frameworks and standards (e.g., ISO, NIST, COSO, PCI DSS) and how to apply them to controls/evidence
- Ability to handle assigned work independently, communicate status, and call out risks/issues early
- Strong written and verbal communication skills, including drafting clear control narratives and audit-ready responses
- Proficiency with common productivity tools (e.g., Excel, PowerPoint) and producing reports/metrics within a defined scope
- Ability to collaborate effectively in a team-based, matrixed environment while operating as an independent contributor
- Experience supporting audits, assessments, or regulatory activities
- Relevant certifications (e.g., CISA, CRISC, CISSP)
Benefits
- W2 Candidates Only
Company Overview