Audit and Compliance Sr. Analyst -ISO

Our story

At Alight, we believe a company’s success starts with its people. At our core, we Champion People, help our colleagues Grow with Purpose and true to our name we encourage colleagues to “Be Alight.”

Our Values:

Champion People – be empathetic and help create a place where everyone belongs.

Grow with purpose – Be inspired by our higher calling of improving lives.

Be Alight – act with integrity, be real and empower others.

It’s why we’re so driven to connect passion with purpose. Alight helps clients gain a benefits advantage while building a healthy and financially secure workforce by unifying the benefits ecosystem across health, wealth, wellbeing, absence management and navigation.

With a comprehensive total rewards package, continuing education and training, and tremendous potential with a growing global organization, Alight is the perfect place to put your passion to work.

Join our team if you Champion People, want to Grow with Purpose through acting with integrity and if you embody the meaning of Be Alight.

Summary

As a member of Alight Global Security’s Security & Compliance team, this position will provide help manage ISO audits and the applicable controls. With a deep understanding of leading audits, this role, will provide guidance to subject matter experts within Alight on what they need to do to meet and demonstrate each control and help speak to and present collected evidence with various auditors. Additionally, this role would lead any necessary gap assessments, compliance readiness, and compliance monitoring activities through internal audits.

Responsibilities

• Ability to manage parts of Alight’s ISO audit program
• Gains a deep understanding in Alight technology, security, and business operations to aid in audits and verifying ISO compliance
• Work with business leaders and other stakeholders to ensure ISO security standards are embedded in business operations and delivery.
• Interpret patterns of ISO non-compliance to determine impact on levels of risk and work with the appropriate resources to drive higher levels of compliance.
• Provides coaching and mentorship to team members and stakeholders on their controls and the application of them
• Provides input into industry best practices for managing compliance in today's landscape
• Help lead the design, documenting and assessment of audit controls
• Develop testing procedures for assessing the design and operating effectiveness, completeness, accuracy/validity, and timeliness of control outputs
• Identify & escalate any new or emerging gaps in policy or control environment & provide expert advice on new requirements
• Develop and maintain findings library to support analysis, trends
• Drive remediation and risk mitigation planning, execution and oversight
• Provide remediation and policy/control guidance to Alight stakeholders
• Escalate and plan for potential ISO program changes
• Leads, delivery of audit milestones to ensure audit timelines stay on target by escalating and identifying roadblocks
• Leads, the identification of business process improvements and partners with technology and business stakeholders to identify pragmatic approaches to compliance readiness and testing
• Collaborates cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution
• Provides control guidance to technology and business stakeholders to lead them in providing the expected and appropriate evidence
• Interfaces with internal and external auditors for audit activities
• Conducts various IT Compliance controls validation
• Collaborates with technology and business stakeholders along with other Compliance team members to facilitate remediation and execution of corrective action plans
• Participates in continuous improvement initiatives
• Develops metrics and dashboards for reporting on assigned compliance programs
• Manage several projects simultaneously with a sense of urgency
• Comfortable dealing with ambiguity
• Ability to work on a diverse team or with a diverse range of coworkers

Qualifications

• 5+ years of experience in IT audit and/or compliance, with a concentration on ISO 27001, 22301, and 27701 a plus
• Must possess a strong background in security audit
• Experience with control assessments and coordination of audit activities
• Familiar with Information Security principles, knowledge of IT processes (e.g. Change Management, Incident Management, Risk Management, Network and System Administration)
• Bachelor's Degree in Information Technology, Business or related vocations
• MS Office and project management skills
• Written and verbal English proficiency required
• Strong partnering, communication and presentation skills
• Strong analytical and problem-solving skills
• Strong relationship and team building skills
• Knowledge of Service Now a plus
• Interest in developing knowledge in security and interactions with various internal and external client functions
• Security certifications (CISSP, CISA, CISM, ISO 27001) a plus
• Position may occasionally require hours to accommodate US, EMEA & APAC time zones

Alight requires all virtual interviews to be conducted on video.

Benefits

We offer programs and plans for a healthy mind, body, wallet and life because it’s important our benefits care for the whole person. Options include a variety of health coverage options, wellbeing and support programs, retirement, vacation and sick leave, maternity, paternity & adoption leave, continuing education and training as well as several voluntary benefit options.

By applying for a position with Alight, you understand that, should you be made an offer, it will be contingent on your undergoing and successfully completing a background check consistent with Alight’s employment policies. Background checks may include some or all the following based on the nature of the position: SSN/SIN validation, education verification, employment verification, and criminal check, search against global sanctions and government watch lists, credit check, and/or drug test. You will be notified during the hiring process which checks are required by the position.

Our commitment to Inclusion

We celebrate differences and believe in fostering an environment where everyone feels valued, respected, and supported. We know that diverse teams are stronger, more innovative, and more successful.

At Alight, we welcome and embrace all individuals, regardless of their background, and are dedicated to creating a culture that enables every employee to thrive. Join us in building a brighter, more inclusive future.

As part of this commitment, Alight will ensure that persons with disabilities are provided reasonable accommodations for the hiring process. If reasonable accommodation is needed, please contact alightcareers@alight.com.

Equal Opportunity Policy Statement

Alight is an Equal Employment Opportunity employer and does not discriminate against anyone based on sex, race, color, religion, creed, national origin, ancestry, age, physical or mental disability, medical condition, pregnancy, marital or domestic partner status, citizenship, military or veteran status, sexual orientation, gender, gender identity or expression, genetic information, or any other legally protected characteristics or conduct covered by federal, state, or local law. In addition, we take affirmative action to employ, disabled persons, disabled veterans and other covered veterans.

Alight provides reasonable accommodations to the known limitations of otherwise qualified employees and applicants for employment with disabilities and sincerely held religious beliefs, practices and observances, unless doing so would result in undue hardship. Applicants for employment may request a reasonable accommodation/modification by contacting their recruiter.

Authorization to work in the Employing Country

Applicants for employment in the country in which they are applying (Employing Country) must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the Employing Country and with Alight.

Note, this job description does not restrict management's right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Alight business units.

We offer you a competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization.

DISCLAIMER:

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Alight business units.

We offer you a competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization.

DISCLAIMER:

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Alight business units.