Compliance and Risk Analyst - PCC

What We Do:

We calm the confusion of IT by guiding the connection between people and technology. If a customer is looking for a better way to manage their warehouse inventory, equip their workforce, or secure their data, we make it happen. All it takes is finding the right combination of tech hardware, software, cloud solutions, and support services. That’s what we do. We’re the IT Department’s IT Department.

Who We Are:

Our team is made stronger by a multitude of backgrounds, experiences, and perspectives. It’s what makes Connection unique—what drives us to innovate and create technology solutions that stand apart from the crowd. We’d love for you to be a part of that fabric, to share your ideas and experiences with a team that thrives on fresh thinking, creativity, and helping others.

Why You Should Join Us:

You’ll find supportive teammates and a rewarding career at Connection—plus great benefits. We take pride in supporting employees with a total rewards package that provides financial, emotional, and physical resources for you and your family. Our compensation, 401k plans, medical insurance, and other benefits are progressive and competitive. We value the importance of our employees’ emotional well-being. To support employees, we provide free therapy visits, mental health coaching and tools, and meditation resources. You’ll also enjoy a generous paid time off package that includes not only vacation and sick time, but also Wellness and Volunteer Time Off days. 

The Compliance and Risk Analyst reports directly to the VP, Information Security and Compliance. The Analyst works with minimal supervision to ensure Connection's compliance with all applicable rules and regulations regarding cyber security and privacy matters. The Analyst is instrumental in identifying, analyzing, and providing security compliance solutions that reduce operational risk of proposed and in-place information processing systems. The Analyst works directly with internal and external third-party auditors to conduct regulatory, and industry prescribed corporate audits. Develops compliance metrics as well as design methods to monitor and measure infrastructure activities and provides compliance reporting. Using established security frameworks, the Analyst applies security best practices and standard configurations for information processing operations. The Analyst works with senior managers across the organization to develop business processes compliant with laws, rules, regulations, and corporate policy.

• Collaborates with various audiences both internally and externally gathering governance/risk/compliance solutions.
• Participates in the annual Sarbanes Oxley internal and external ITGC audits.
• Participates in annual PCI SAQ audits and assists with quarterly compliance reviews as requested.
• Participates in corporate and vendor SSAE18 SOC 2 Type II programs/audits.
• Conducts audit tasks as required such as organizing meetings, audit walk throughs, etc.
• Attends or participates in Information Security training, webcast, podcast events to maintain subject matter proficiency.
• Creates automated and manual reports that identify the overall compliance status of information processing systems.
• Consolidates materials to create quarterly compliance reports.
• Performs all other duties or special projects as assigned.

• Understanding of compliance solutions.
• SOX Audit experience including testing IT General Controls.
• Familiarity with SSAE18 SOC 1,2,3 Type I, II compliance programs and audit procedures.
• Excellent communication and interpersonal skills with ability to work effectively with senior management throughout the organization.
• Strong verbal communication skills to effectively lead meetings.