IT Controls & Governance Analyst

---

Job description

Position Summary:

As the IT Controls and Governance Analyst, you will support the design, implementation, and monitoring of IT controls and governance frameworks that drive operational efficiency, mitigate risks, and ensure compliance with regulatory requirements. In this role, you will facilitate audits, conduct risk assessments, and contribute to the continuous improvement of IT processes across the organization, aligning with corporate objectives and external standards.

This role presents a unique opportunity to play a pivotal part in strengthening the governance and risk management functions within our IT organization.

Responsibilities:
IT Controls Monitoring & Compliance

Design, implement, and monitor IT control processes across a variety of systems.

Assess the effectiveness of IT controls, ensuring they align with frameworks such as SOX, COBIT, and ISO 27001.

Regulatory test IT controls to identify deficiencies, gaps, or areas for optimization and improvement.

Support the development of and execution of remediation plans, ensuring timely follow-up on control deficiencies.

Governance Framework Support

Assist in developing and updating IT governance policies, procedures, and standards to reflect evolving business needs and regulatory requirements.

Collaborate with internal teams to ensure the successful execution of governance activities.

Participate in efforts to embed governance frameworks (e.g., SOX, GDPR, NIST) into daily IT operations across the organization.

Risk Management

Contribute to identifying, assessing, and managing IT-related risks, particularly those affecting data privacy, security, and operational processes.

Help maintain the IT risk register, ensuring it is up-to-date and responsive to emerging threats.

Support audit readiness by gathering evidence, managing audit requests, and coordinating remediation efforts based on audit findings.

Collaboration & Stakeholder Engagement

Serve as the primary point of contact for third-party service providers involved in IT-related audits and reviews, ensuring expectations, objectives, and timelines are met.

Work closely with IT, Legal, and other business teams to support the implementation of governance and control frameworks.

Act as a liaison between IT and external auditors during regulatory reviews to ensure smooth communication and alignment.

Provide guidance and training to IT teams on governance practices and control requirements to enhance compliance.

Documentation & Reporting

Maintain organized documentation of IT control activities, risk assessments, and governance reviews.

Prepare reports for leadership and stakeholders on the status of IT controls, risk mitigation efforts, audit results, and action plans.

Communicate governance initiatives and compliance updates to relevant teams and departments.

Continuous Improvement

Contribute to the ongoing refinement and improvement of IT governance and controls.

Stay informed on emerging IT trends, best practices, and regulatory changes to ensure the organization remains complaint and proactive in its governance strategy.

Recommend process improvements to enhance the efficiency and effectiveness of governance, risk, and control functions.

Other work duties as assigned.

Requirements:
KNOWLEDGE, SKILLS & ABILITIES:

Solid understanding of IT governance, risk management, and compliance (GRC) principles.

Ability to conduct IT control assessments, audits, and reviews in a structured and thorough manner.

Strong written and verbal communication skills, with the ability to present findings clearly to both technical and non-technical audiences.

Analytical mindset with a strong attention to detail, capable of identifying trends, risks, and areas for improvement

Familiarity with cloud-based infrastructure and associated governance and control measures is desirable.

Experience with audit preparation and remediation in public or regulated industries.

EDUCATION:

Bachelor's degree in Information Technology, Information Systems, Cybersecurity, Business Administration, or a related field.

2-4 years of experience in IT audit, governance, risk management, or related fields.

Familiarity with frameworks like SOX, COBIT, ISO 27001, NIST, or other relevant control frameworks.

Experience working with IT governance in a highly regulated or public company environment is preferred but not required.

Benefits:
Competitive salary

Medical, dental, vision, and supplemental insurance

401K Plan

Paid Holidays

Paid Time Off

Working Conditions:
Office environment with limited physical effort, continuous mental effort, and frequent complex requests for assistance.

Travel may be required.

PHYSICAL JOB REQUIREMENTS & DEMANDS:

Extended periods of sitting, concentration and frequent use of hand dexterity.

Company Overview:
Acuren is a trusted, single source provider of technology-enabled asset protection solutions used to evaluate the structural integrity of critical energy, industrial and public infrastructures. Committed to delivering a Higher Level of Reliability, Acuren provides an unrivaled spectrum of capabilities including inspection, traditional and advanced NDE/NDT, failure analysis, rope access, materials engineering, field engineering, reliability engineering, drones, robotics, V-Deck and condition-based monitoring services.

Our work is critical to the integrity and safety of industrial firms, including petroleum refinery, pipeline, power generation, pulp & paper, mining, pharmaceutical, aerospace and automotive industries. Acuren employs over 4,000 dedicated professionals supporting the mechanical integrity and inspection programs of the world's largest industrial segments.

Acuren is a market leader. Our formula for success is straightforward: be capable locally, with certified and well-equipped personnel supported by trained, experienced leaders. Continuing to build on a strong heritage of safety, quality and professionalism, Acuren strives to maintain incident free work environments, pursues advanced technical developments, and supports reliability programs that are valued by clients and employees.

<!– job description page –>