Paylocity is an equal opportunity employer.
Paylocity is a cloud-based software company that creates customized HR solutions for small to mid-sized organizations. Our workplace enhances communication and enables employees to connect, collaborate, and create from anywhere. Our award-winning culture ensures everyone has a voice and feels truly welcome. Join Paylocity as we shape the future of technology and the workplace!
We give our employees what they need to succeed, including great benefits and perks! We offer medical, dental, vision, life, disability, and a 401(k) match, as well as perks that support you, your family, and your finances. And if it's career development you desire, we provide that, too! At Paylocity, people matter most and have always been at the heart of our business.
When you feel like you belong, work is no longer work - it's personal. At Paylocity, we believe better employees lead to better companies. Workplaces and cultures that care will build the future, and at Paylocity, we're doing just that. Join us as we change the future and transform your career!
There are jobs and then there are careers. Since 1997, Paylocity has been hiring talented people, giving them big challenges, and providing the right resources to help them succeed. Our award-winning culture ensures all employees feel truly welcome, appreciated, and free to be themselves. While other companies talk about it, we make it happen. Join Paylocity and launch your career!
Position Overview:
As a Senior IT Risk & Compliance Analyst, you will assist with driving the transformation of the company's IT compliance program by supporting the execution of internal and external assessments associated with current and emerging regulations and standards including SOX, SSAE18(SOC), ISO27001, and HIPAA. The person in this key role will work closely with individuals across the organization to understand existing IT policies, procedures and processes and provide insights related to applicable risk areas, mitigations, process improvements, and control recommendations.
Location: Remote
Reports To: Director, IT Compliance
Responsibilities:
The below represents the primary duties of the position, others may be assigned as needed. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Assess compliance with policies, standards, and regulations through the performance of risk assessments and controls testing and provide recommendations related to non-compliance areas requiring remediation.
• Support coordination of internal and external audits with IT process owners and other key stakeholders including facilitating evidence collection and other requests from audit teams related to SOX, SSAE18(SOC), ISO27001, and HIPAA.
• Establish centralized compliance repository including drafting and maintaining process and controls documentation, workflows, diagrams, and training materials/manuals related to IT processes.
• Monitor existing risk and controls framework for emerging risks including evaluating applicability to the company and providing control recommendations, where applicable, to align with the company's risk to clearance level.
• Develop the management action plan related to non-compliance areas and drive to completion including performing final testing to ensure remediation.
• Identify improvement opportunities and provide recommendations to further mature existing IT processes and controls to align with best practices including use of automation and optimization.
• Serve as a subject matter resource to assess compliance implications related to technical implementations and other IT projects and execute pre-implementation reviews.
• Design continuous controls monitoring program utilizing GRC solution, dashboards, analytics, automation, and other supporting tools.
• Facilitate and monitor to completion the execution of certain control activities including periodic user access reviews.
• Prepare ongoing reports with specified metrics/ key performance indicators related to compliance activities, audit results, remediation plans, and other compliance efforts and present to IT and executive management.
• Assist in educating and training individuals across the organization including control and process owners related to compliance concepts, requirements, and responsibilities and establish awareness regarding role of the overall compliance function.
• Other duties as assigned.

Requirements:

• Bachelor's degree in Information Security, Computer Science, Information Systems, or Accounting.
• Minimum of 5 years progressive experience ideally with a Public Accounting firm or Software-as-a-Service (SaaS) company in one or more of the following areas: IT Compliance, IT Audit, IT Risk Management, and IT Governance.
• Extensive knowledge and experience with regulatory frameworks and compliance standards such as SOX, SSAE18 (SOC), COBIT, NIST, ISO, HIPAA, etc.
• Experience with performing technical risk assessments, analyzing risk, and providing recommendation so risk mitigation strategies.
• Experience working and collaborating effectively with executives, technical subject matter experts, and internal/external auditors in gathering information and demonstrating compliance with standards.
• Experience with the monitoring and evaluation of technology processes and controls including design and operating effectiveness testing and reporting on results and recommendations.
• Experience with creating and maintaining high quality documentation related to IT processes including flow charts and data flow diagrams.
• Strong project management and organizational skills with demonstrated ability to complete assignments timely and effectively.
• Possess one or more of the following professional designations: CISA, CISSP, CRISC, CGEIT, CISM, CPA.

Soft Skills:

• Strong verbal and written communication skills in interacting with technical and non-technical individuals across the business and third parties.

This role can be performed from any office in the US. The pay range for this position in Colorado is $82,352- $115,302/yr;
however, base pay offered may vary depending on job-related knowledge, skills, and experience. This position is eligible for an annual bonus and restricted stock unit grant based on individual performance in addition to a full range of benefits outlined here. This information is provided per the Colorado Equal Pay for Equal Work Act. Base pay information is based on market location. Applicants should apply via www.paylocity.com/careers.
Paylocity is an equal opportunity employer.
Paylocity is committed to the full inclusion of all individuals. We comply with federal and state disability laws and make reasonable accommodations for applicants and employees with disabilities. To request reasonable accommodation in the job application or interview process, please contact [email protected]