Note: The job is a remote job and is open to candidates in USA. Watts Water Technologies is a leading brand focused on providing innovative water solutions. They are seeking an IT Risk & Compliance Analyst to support IT compliance, audit readiness, and risk management activities while coordinating efforts across various teams to ensure cybersecurity and compliance with regulations.
Responsibilities
- Coordinate IT compliance, audit-related activities, and cybersecurity findings management efforts across Information Security, IT, Internal Audit, business control owners, and external assessors
- Support SOX IT General Controls (ITGC) activities, including planning, evidence collection, documentation review, auditor inquiries, testing support, and issue resolution
- Administer and maintain compliance, audit, findings, and risk management information within Optro (AuditBoard) and other systems of record
- Track audit findings, remediation plans, risk items, action plans, and stakeholder commitments to ensure timely completion and closure
- Support internal and external audits, assessments, walkthroughs, control testing activities, and evidence requests
- Assist with compliance and risk management activities related to cybersecurity disclosures, privacy requirements, data protection regulations, and external security assessments
- Partner with control owners, process owners, and risk owners to clarify compliance requirements, facilitate evidence collection, and support remediation activities
- Monitor timelines, milestones, dependencies, and deliverables across multiple concurrent compliance and audit workstreams
- Prepare organized documentation, status reports, metrics, dashboards, and management reporting materials to support decision-making and audit readiness
- Maintain accurate records of controls, risks, findings, remediation activities, and supporting evidence
- Assist in mapping controls, risks, findings, and supporting documentation to the NIST Cybersecurity Framework and other applicable regulatory frameworks
- Identify opportunities to improve compliance processes through workflow enhancements, reporting automation, evidence reuse, standardization, and other process improvements
- Support the development of compliance documentation, procedural guidance, stakeholder communications, and training materials as needed
- Collaborate with cross-functional teams to promote compliance awareness, accountability, and continuous improvement across the organization
- Maintain confidentiality and exercise discretion when handling sensitive compliance, audit, risk, and cybersecurity information
- Assume responsibility for other projects and duties as assigned by the Manager, IT Risk & Compliance or Company management
Skills
- Bachelor's degree in accounting, Finance, Information Systems, Business Administration, Risk Management, Compliance, Cybersecurity, or a related field; or equivalent combination of education and relevant work experience
- Three to five years of experience in IT compliance, IT audit, internal audit, risk management, controls, governance, risk and compliance (GRC), or information security compliance
- Working knowledge of IT General Controls (ITGCs) and SOX compliance requirements
- Experience utilizing GRC, audit management, risk management, ticketing, or evidence management platforms such as Optro (AuditBoard), ServiceNow GRC, Archer, MetricStream, Jira, or similar solutions
- Demonstrated ability to coordinate activities across Information Security, IT, Internal Audit, external assessors, and business stakeholders
- Strong organizational skills with the ability to manage multiple priorities, deadlines, and workstreams simultaneously
- Strong written and verbal communication skills with the ability to present information clearly and professionally
- Experience documenting processes, maintaining audit evidence, and supporting compliance activities in a regulated environment
- Ability to identify process improvement opportunities and contribute to increased efficiency and standardization
- Understanding of and adherence to applicable laws, codes, policies, regulations, and security practices and procedures
- Must successfully establish employment eligibility and satisfactorily complete background checks and required pre-employment testing as a condition of employment
- Direct experience administering Optro (AuditBoard), including workflows, evidence requests, testing documentation, issue management, risk tracking, dashboards, and reporting
- Familiarity with the NIST Cybersecurity Framework, NIST SP 800-53, ISO 27001, GDPR, U.S. privacy regulations, and SEC cybersecurity disclosure requirements
- Experience coordinating external cybersecurity assessments, penetration testing findings, vulnerability remediation efforts, risk reviews, or security exception processes
- Professional certification such as CISA, CRISC, CIA, CISSP, or active pursuit of one of these certifications
- Experience utilizing automation and reporting tools such as Power Automate, SQL, Python, APIs, or similar technologies
- Experience supporting compliance program implementations, procedural documentation development, stakeholder training, or governance initiatives
Benefits
- Competitive compensation based on your skills, qualifications and experience
- Comprehensive medical and dental coverage, retirement benefits
- Family building benefits, including paid maternity/paternity leave
- 10 paid holidays and Paid Time Off
- Continued professional development opportunities and educational reimbursement
- Additional perks such as fitness reimbursements and employee discount programs
Company Overview