IT Compliance Analyst
Here at TJX Canada, we strive our hardest to make sure that, every day, our customers are able to find the latest and greatest designer brand names for less than they'd pay elsewhere. When they walk through the doors of our stores, whether it's a Winners, HomeSense, or Marshalls, savvy shoppers know they'll experience the "Thrill of the Find," which, if you're curious, feels like a slight breeze blowing over the surface of your skin-not a bad feeling, if we do say so ourselves.
But you're not here to feel the breeze. You're here to see if working with TJX Canada is right for you. To help with your decision, we'd like to introduce you to someone who once faced the same choice you have to make.
As one of our IT Compliance Analysts, Marshal plans and executes compliance and security testing. He monitors information policies and standards by conducting data privacy assessments, internal control reviews, and risk assessments. He is always up-to-speed with the latest knowledge of IT-related regulatory compliance requirements and standards.
What makes Marshal perfect for this role? He is a rare breed indeed. He has a brilliant technical mind coupled with strong business acumen and agile problem solving skills. Of course, he also has a collection of Star Trek memorabilia that's out of this world.
This is Marshal's story. He is one of us.
But know this. If you do decide to apply for this position, and we agree that this is the right job for you, you'll be supported by a plethora of internal programs whose only focus is the continued progress of your career. At TJX Canada, we do everything we can to help you achieve your full potential. But we can't do it all ourselves. You'll need to bring the ambition, the motivation, and the drive.
So what do you think? Like Marshal, are you one of us?
Now, if you were to come on board as one of our IT Compliance Analysts, we'd ask you to do the following:
- Execute, implement and design compliance testing, controls assessment, and documentation across all SOX domains (InfoSecurity, Program Change, IT Operations, Applications Development) and other control and compliance requirements (i.e., PCI, Data Privacy, etc).
- Audit current IT processes to ensure Company compliance.
- Prepare audit summaries and report findings.
- Review audit results with appropriate management and provide recommendations.
- Monitor corrective action plans and related reporting.
- Participate in the quarterly SOX audits conducted by Corporate IT Compliance.
- Act as an expert liaison between the Company and both internal and external stakeholders on key control and compliance issues.
- Represent the Company's interests on control design and compliance/testing results with external auditors, Internal Audit, Corporate Compliance, and both IT and end-user process owners.
- Participate in information security policy development in collaboration with business partners and management.
- Assist in the execution of information security control reviews to evaluate compliance with published policies and standards.
- Ensure legislative mandates relating to information security and general computer controls are met throughout the Company.
- May be required to provide training, instruction and guidance to junior staff members.
- Special projects as assigned.
Sounds rather challenging and exciting, right? Let's hope so, because if it sounds easy or boring, there's a good chance this job isn't for you. But if it does sound right for you, here's why we know you'll be able to handle those challenges:
- You have at least two years of experience in IT audit and planning, risk assessment or business continuity planning; you have at least two years of experience performing SOX 404 IT control/assessment work.
- You have a bachelor's degree in Business, Management Information Systems or related field experience with the following professional designations preferred: CISA, CISM, CISSP, CIA, CPA.
- You have a strong understanding of information security principles (including risk assessment).
- You have a solid understanding of IT audit methodologies.
- You are able to work independently as well as on a team in a fast-paced, deadline-driven environment.
We know some of that might sound a little daunting, but if we're going to meet and exceed our promises to our customers, we have to be committed to hiring the best person for the job.