Sr. IT Risk and Compliance Analyst
ElasticPower insights and outcomes with the Elasticsearch Platform and AI. See into your data and find answers that matter with enterprise solutions designed to help you build, observe, and protect. Try Elasticsearch free today.
Elastic is a free and open search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real-time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at elastic.co.
We are looking for an IT Risk & Compliance (R&C) Analyst to join our growing IT Risk & Compliance (R&C) team! The IT R&C team's mission is to educate risk-concepts to Elasticians and facilitating the risk management and audit experience by acting as a key contact within IT to generate thought leadership, provide guidance, and evidence collection.
The ideal candidate is a self-motivated individual who appreciates a practical approach to risk and compliance, and someone who is passionate about understanding the "why" in managing risk. In your role as a trusted advisor, you’ll proactively consult on matters of risk management within IT, as well as your peers in the Information Security, Internal Audit, and other teams at Elastic.
What you will be doing
- Assist in the implementation of the IT General Controls program
- Educate a diverse workforce in the “why”, “what”, and “who” of internal controls
- Identify and document requirements, risks and control designs
- Assist with internal controls walkthroughs and obtaining evidence requested from audit teams
- Aid in designing new processes or controls to enhance our risk management program
- Aid the remediation effort for control failures and process improvements
- Aid in the review of internal controls and security of systems under development as well as major IT projects and initiatives
What You Bring Along:
- 3 to 4 years of experience in IT Audit or IT Risk Advisory from a public accounting firm, a professional services firm, or a public company
- A deep understanding of IT General Controls and the role they play in an overall control environment is a must
- Knowledge of how periodic user access reviews work, and critical audit testing attributes
- Experience with reviewing and analyzing SOC1/2 reports
- Ability to manage multiple tasks and priorities, and to stay organized and efficient in a fast-paced environment
- Good communication skills and ability to work effectively across multiple functional and business groups
- Ability to think critically and creatively to help identify issue resolutions
- Demonstrated creativity and flexibility in problem solving and project collaboration
Compensation for this role is in the form of base salary. This role does not have a variable compensation component.
The typical starting salary range for new hires in this role is listed below. In select locations (including Seattle WA, Los Angeles CA, the San Francisco Bay Area CA, and the New York City Metro Area), an alternate range may apply as specified below.
These ranges represent the lowest to highest salary we reasonably and in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the ranges may be modified in the future.
An employee's position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, performance, and business or organizational needs.
Elastic believes that employees should have the opportunity to share in the value that we create together for our shareholders. Therefore, in addition to cash compensation, this role is currently eligible to participate in Elastic's stock program. Our total rewards package also includes a company-matched 401k with dollar-for-dollar matching up to 6% of eligible earnings, along with a range of other benefits offered with a holistic emphasis on employee well-being.
Additional Information - We Take Care of Our People
As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.
We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.
- Competitive pay based on the work you do here and not your previous salary
- Health coverage for you and your family in many locations
- Ability to craft your calendar with flexible locations and schedules for many roles
- Generous number of vacation days each year
- Double your charitable giving - We match up to $1500 (or local currency equivalent)
- Up to 40 hours each year to use toward volunteer projects you love
- Embracing parenthood with minimum of 16 weeks of parental leave
Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.
We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email firstname.lastname@example.org We will reply to your request within 24 business hours of submission.
Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster)
Please see here for our Privacy Statement.
More jobs like this
USA - Saint Charles, … USA - Saint Charles, MO Full TimeSenior Senior-levelUSD 73K - 154K USD 73K+
Systems Engineer Support Analyst - Direct Attack Weapons (Associate, Experienced, or Lead)C Clearance Compliance Jira PhD Privacy +2
Career development Competitive pay Flex vacation Health care Insurance +5
Los Angeles, CA, United … Los Angeles, CA, United States Full TimeSenior Senior-levelUSD 121K - 185K USD 121K+
Senior Business Operations Manager, Compliance WorkforceAnalytics Automation Banking Blockchain C Compliance +3
Career development Equity Flex hours Flexible spending account Flex vacation +7
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Chief Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Senior Security Architect jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Governance-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open DoD-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open EDR-related jobs