Senior IT Risk and Compliance Analyst - Remote, US

Paylocity is an equal opportunity employer.

Paylocity is an award-winning provider of cloud-based HR and payroll software solutions, offering the most complete platform for the modern workforce. The company has become one of the fastest-growing HCM software providers worldwide by offering an intuitive, easy-to-use product suite that helps businesses automate and streamline HR and payroll processes, attract and retain talent, and build a strong workplace culture.

While traditional HR and payroll providers automate basic HR processes such as payroll and benefits administration, Paylocity goes further by developing tools that HR and businesses need to compete for talent and deliver against the expectations of the modern workforce.

We give our employees what they need to succeed, including great benefits and perks! We offer medical, dental, vision, life, disability, and a 401(k) match, as well as perks that support you, your family, and your finances. And if it’s career development you desire, we provide that, too! At Paylocity, people matter most and have always been at the heart of our business.

When you feel like you belong, work is no longer work – it's personal. At Paylocity, we believe better employees lead to better companies. Workplaces and cultures that care will build the future, and at Paylocity, we’re doing just that. Join us as we change the future and transform your career!

There are jobs and then there are careers. Since 1997, Paylocity has been hiring talented people, giving them big challenges, and providing the right resources to help them succeed. Our award-winning culture ensures all employees feel truly welcome, appreciated, and free to be themselves. While other companies talk about it, we make it happen. Join Paylocity and launch your career!

Position Overview

Senior IT Risk & Compliance Analyst responsible for supporting the execution of internal and external assessments related to regulations and standards including SOX, SSAE 18 (SOC), ISO27001, and HIPAA. Works closely with teams across the organization to review existing IT policies, procedures, and processes, and provides insights on risk areas, mitigations, process improvements, and control recommendations to support the transformation of the IT compliance program.

Responsibilities

The below represents the primary duties of the position, others may be assigned as needed. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Assess compliance with policies, standards, and regulations through the performance of risk assessments and controls testing and provide recommendations related to non-compliance areas requiring remediation.
• Support coordination of internal and external audits with IT process owners and other key stakeholders including facilitating evidence collection and other requests from audit teams related to SOX, SSAE 18 (SOC), ISO27001, and HIPAA.
• Establish centralized compliance repository including drafting and maintaining process and controls documentation, workflows, diagrams, and training materials/manuals related to IT processes.
• Monitor existing risk and controls framework for emerging risks including evaluating applicability to the company and providing control recommendations, where applicable, to align with the company’s risk tolerance level.
• Develop the management action plan related to non-compliance areas and drive to completion including performing final testing to ensure remediation.
• Identify improvement opportunities and provide recommendations to further mature existing IT processes and controls to align with best practices including use of automation and optimization.
• Serve as a subject matter resource to assess compliance implications related to technical implementations and other IT projects and execute pre-implementation reviews.
• Design continuous controls monitoring program utilizing GRC solution, dashboards, analytics, automation, and other supporting tools.
• Facilitate and monitor to completion the execution of certain control activities including periodic user access reviews.
• Prepare ongoing reports with specified metrics/key performance indicators related to compliance activities, audit results, remediation plans, and other compliance efforts and present to IT and executive management.
• Assist in educating and training individuals across the organization including control and process owners related to compliance concepts, requirements, and responsibilities and establish awareness regarding role of the overall compliance function.
• Other duties as assigned.

Requirements

• 5+ years progressive experience ideally with a Public Accounting firm or Software-as-a-Service (SaaS) company in one or more of the following areas: IT Compliance, IT Audit, IT Risk Management, and IT Governance
• Bachelor’s degree in Information Security, Computer Science, Information Systems, or Accounting.
• Extensive knowledge and experience with regulatory frameworks and compliance standards such as SOX, SSAE 18 (SOC), COBIT, NIST, ISO, HIPAA, PCI, etc.
• Experience with performing technical risk assessments, analyzing risk, and providing recommendations on risk mitigation strategies
• Experience working and collaborating effectively with executives, technical subject matter experts, and internal/external auditors in gathering information and demonstrating compliance with standards.
• Experience with the monitoring and evaluation of technology processes and controls including design and operating effectiveness testing and reporting on results and recommendations
• Experience with creating and maintaining high quality documentation related to IT processes including flow charts and data flow diagrams
• Strong verbal and written communication skills in interacting with technical and non-technical individuals across the business and third parties
• Strong project management and organizational skills with demonstrated ability to complete assignments timely and effectively
• Possess one or more of the following professional designations: CISA, CISSP, CRISC, CGEIT, CISM, CPA
• Physical requirements
  • Ability to sit for extended periods: The role requires sitting at a desk or workstation for long periods, typically 7-8 hours a day.
  • Use of computer and phone systems: The employee must be able to operate a computer, use phone systems, and type. This includes using multiple software programs and inquiries simultaneously.

Paylocity is an equal-opportunity employer. Paylocity is committed to the full inclusion of all individuals. We recruit, train, compensate, and promote regardless of race, religion, color, national origin, sex, disability, age, veteran status, and other protected status as required by applicable law. At Paylocity, we believe diversity makes us better. We embrace and encourage our employees’ differences in age, culture, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion or spiritual belief, sexual orientation, socio-economic status, veteran status, and other characteristics that make our employees unique. We actively cultivate these differences through our employee resource groups (ERGs), employee experiences, perspectives, talents, and approaches to drive innovation in the software and services we provide our customers.

We comply with federal and state disability laws and make reasonable accommodations for applicants and employees with disabilities. To request reasonable accommodation in the job application or interview process, please contact LeaveBenefits@paylocity.com. This email address is exclusively designated for such requests, aligning with federal and state disability laws. Please do not send resumes to this email address, as they will be removed.

This role can be performed from any office in the US. The pay range for this position is $78,800 - $125,000/yr; however, base pay offered may vary depending on job-related knowledge, skills, and experience. This position is eligible for an annual bonus and restricted stock unit grant based on individual performance in addition to a full range of benefits outlined here. This information is provided per the relevant state and local pay transparency laws for the location in which this position will be performed. Base pay information is based on market location. Applicants should apply via www.paylocity.com/careers.

At Paylocity, “We” is what makes us different. We are committed to fostering aculture that honors diverse opinions, perspectives, and backgrounds, knowing that each makes us stronger andcollectively unbeatable together. We actively cultivate these differences as we engage each other in drivinginnovation in the software and services we provide our customers. Paylocity is an equal opportunityemployer.If you are an individual with a disability and you need assistance or a reasonable accommodation during theapplication process, please contact our services team at +1 (844) 404-7427.