IT Governance, Risk, and Compliance Senior Analyst

Crane NXT is seeking an IT Governance, Risk, and Compliance (GRC) Senior Analyst who will report to the Senior Manager, IT Governance, Risk, and Compliance.  This individual will collaborate with process owners, internal auditors, external auditors, and other stakeholders to assist in reviewing and monitoring compliance initiatives. This includes helping the team manage ISO27001 and other relevant ISO audits, PCI and SOX Compliance programs. By supporting the implementation of internal and external assessments, responding to and managing the full lifecycle of compliance audits, and ensuring compliance with existing and emerging regulations and standards including ISO 27001, SOX, and other GRC activities, the IT GRC Senior Analyst will contribute to the transformation of the company’s IT compliance program.

Additionally, this individual will assist in maintaining and maturing the IT organization around third-party compliance reviews, privacy assessments, continuous improvement initiatives and other core activities.  This is a global role ensures that any gap related to governance, risk, and compliance are effectively mitigated.

Responsibilities and Duties: •    Compliance o    Support in the development and implementation of the company’s IT GRC framework, the IT compliance process and ensure adherence to regulatory requirements and support global compliance initiatives, maintain and monitor compliance controls. o    Assist in the development and maintenance of policies, procedures, and controls to meet compliance requirements. o    Support internal and external audit initiatives, maintaining a central repository for audit evidence. o    Assist the department in responding to inquiries from the business units about ongoing operational compliance. o    Work together with other stakeholders to link IT, procurement, and privacy departments with GRC objectives. o    Support Change management for the IT processes within the business Unit  o    Support ITGC assessments and other corporate initiatives. o    Support SOX, PCI and ISO readiness and assessments  o    Help in supporting IT Control gaps remediation •    Third-party assessments o    Assist and support compliance for solutions that come under Enterprise Architecture Board and AI technology reviews. •    Continuous Improvement o    Drive continuous improvement by identifying gaps and potential improvement opportunities in Compliance, Vendor Management, and overall IT governance processes with ownership of monthly tracking and reporting including KPI’s and productivity updates.

Qualifications & Competencies: •    Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or Risk Management. •    7+ years of experience in a corporate IT Governance, Compliance, or Audit environment. •    Internal audit and/or project management experience a plus. •    Ability to work effectively across matrixed organizations. •    Knowledge of process improvement and transformation approaches, including change management, process/value stream mapping, and technology transformation. •    Experience with regulatory compliance frameworks (e.g. SOX, GDPR, ISO 27001, PCI). •   Very strong communication and customer-oriented interpersonal skills.  Communicates effectively in numerous channels (formal and ad hoc meetings, email, other collaboration tools).

*Crane NXT is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, military status, or national origin or any other characteristic protected under applicable federal, state, or local law.