Sr. IT Risk & Control Analyst
Elastic is a free and open search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real-time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at elastic.co.
Are you passionate about understanding the "why" in managing risk? If so, come join the growing IT Risk & Compliance (ITRC) team at Elastic! In this role, you will work with a diverse group of collaborators not just within IT, but across various functions at Elastic!
We are looking for a self-motivated individual who seeks to help bring a practical and intuitive approach to risk and compliance. ITRC's objective is to drive a "compliance-by-design" mindset through thought leadership and a consultative approach. This role requires the use of analytical skills to solve complex problems and deliver clear recommendations to collaborators in IT, Information Security, and others in the business.
What you will be doing
- Assess technology risks in end-to-end processes, and new projects at Elastic from planning, scope development to execution which includes:
- Evaluating, documenting, and advising on end to end business system architecture and processes in order to effectively manage IT risks and build out mitigation measures
- Documenting and evaluating end-to-end business systems architecture and processes to effectively manage IT risks to assist in the design of appropriate mitigation measures
- Validating design of processes and controls to facilitate internal or external audits
- Assist with internal controls walkthroughs and obtaining evidence requested from audit teams
- Analyzing audit deficiencies or improvement opportunities by defining the appropriate remediation plans
- Educate a diverse workforce in the “why”, “what”, and “who” of risk management
- 4 to 5 years of experience in IT Audit or IT Risk Advisory from a Big 4 public accounting firm, or a public company
- A deep understanding of IT General Controls and the role they play in an overall control environment is a must
- Knowledge of how periodic user access reviews work, and critical audit testing attributes
- Experience with reviewing and analyzing SOC1/2 reports
- Ability to manage multiple tasks and priorities, and to stay organized and efficient in a fast-paced environment
- Natural curiosity for finding opportunities for automation in processes and controls
- Excellent communication skills and ability to work effectively across multiple functional and business groups
- Ability to think critically and creatively to resolve issues
- Demonstrated creativity and flexibility in problem solving and project collaboration
- Experience working with modern GRC solutions such as AuditBoard and project management platforms such as Jira
- Ability and interest in working in a fast-paced, high-growth setting with a positive approach
- Worked with multicultural and geographically distributed teams
#LI-LB1
Additional Information - We Take Care of Our PeopleAs a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.
We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.
- Competitive pay based on the work you do here and not your previous salary
- Health coverage for you and your family in many locations
- Ability to craft your calendar with flexible locations and schedules for many roles
- Generous number of vacation days each year
- Double your charitable giving - We match up to $1500 (or local currency equivalent)
- Up to 40 hours each year to use toward volunteer projects you love
- Embracing parenthood with minimum of 16 weeks of parental leave
Different people approach problems differently. We need that. Elastic is an equal opportunity/affirmative action employer committed to diversity, equity, and inclusion. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, pregnancy, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status, or any other basis protected by federal, state or local law, ordinance or regulation.
We welcome individuals with disabilities and strive to create an accessible and inclusive experience for all individuals. To request an accommodation during the application or the recruiting process, please email candidate_accessibility@elastic.co We will reply to your request within 24 business hours of submission.
Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Pay Transparency Nondiscrimination Provision Poster; Employee Polygraph Protection Act (EPPA) Poster and Know Your Rights (Poster)
Please see here for our Privacy Statement.