Grc Analyst
CurrentExperienced in Using Archer GRC tool to manage multiple control assessments such as documenting gap assessment, remediation, Third-party vendor risk assessment, data privacy compliance assessment, risk calculator, and risk acceptance.• Experienced in using Archer to create, manage, and enforce policies. Also, used Archer to identify, implement, and monitor controls.• Experience in using Logic Manager to manage the risks associated with data breaches and cyberattacks.• Led and managed the company's compliance program, overseeing SOX compliance, UARs, SAP integration, and transaction code reviews, ensuring adherence to regulatory standards and internal policies.• Executed SOX remediation activities meticulously, ensuring all internal controls were robust, compliant, and effectively addressing identified issues.• Reviewed transaction codes rigorously, guaranteeing compliance with SOX and other relevant regulations, maintaining accuracy and consistency across the organization.• Served as the primary point person for evaluating exception requests to policies and best practices, demonstrating a keen ability to assess compliance issues.• Effectively communicated with business colleagues in non-technical terms, translating complex technical information into understandable language to justify exceptions and analyze risks.• Conducted thorough risk assessments to understand potential exposures and determine the risk rate associated with exceptions, providing actionable insights to decision-makers.• Collaborated with stakeholders to propose solutions for exceptions, ensuring compliance while mitigating risks.• Exhibited strong analytical and problem-solving skills, identifying root causes of issues and proposing viable solutions.• Proficiency in industry control frameworks (NIST 800-53, NIST CSF, ISO 27001/27002• Experienced with COSO, FISCAM, PCIDSS, HIPAA, ISO 27000, FISMA, NIST SP 800-53 Rev 4 series, or other risk control frameworks.