IT Compliance Analyst III

Posted 10 August 2023
Location Oklahoma City, United States of America
Job type Full Time

Job Description

IT Compliance Analyst III

Location: Oklahoma City, OK


Responsible for information security control maintenance and auditing; monitoring compliance with security policy and applicable law. Work with groups in IT, development, and other business units to perform risk assessment reviews, document audit requirements, and implement relevant controls.


  • Monitor information security news for emerging threats, technologies, and regulations that could have an impact on the security of processes, systems, and applications.

  • Champion and manage IT SOX, SOC 1, SOC 2, PCI-DSS, FFIEC, PIPEDA, and GDPR programs, documenting policies and procedures as well as performing audits, risk assessments and management reviews.

  • Collaborate with and educate employees at all leadership levels to determine compliance needs and implement controls.

  • Coordinate and execute IT security projects. Report results to leadership.

  • Update job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.

  • Protect organization's value by keeping information confidential.

  • Document specific duties, activities, problems solved and issues resolved.

  • Assist in onboarding new teammates.

  • Assist in the development of benchmarks and sets specific goals for the evolution of the security of systems, processes, and applications.

  • Actively seek to expand individual skills through research, training, and collaboration with peers.

  • Attend meetings and serve on committees, as requested.

  • Work flexible hours, including weekends and evenings.

  • Availability to respond to emergency situations.

  • Perform additional duties and assignments as requested.



  • Bachelor’s Degree in CS, MIS or related field

  • Industry Certification (GCCC, CISSP, GSNA etc.) highly preferred

Experience Required:

  • 5+ years of IT risk management, IT audit or regulatory compliance experience


  • Information security standards such as IT SOX, SOC 1, SOC 2, ISO 27001, PCI-DSS, FFIEC, PIPEDA, GDPR

  • Industry-specific information security best practices

  • Risk identification and analysis techniques

  • Data confidentiality regulations, strategies and best practices

  • Evaluate critical systems, prioritize workflow and determine solutions

  • Perform risk assessments

  • Strong analytical and problem-solving skills

  • Excellent written and verbal communication skills

  • Interpret and apply laws, regulations and policies

  • Work for extended time at keyboard/terminal

  • Maintain effective working relationships with supervisor and coworkers