Senior IT Compliance Analyst

Date: Jul 9, 2019

Location: Charlotte, NC, US, 28277

Company: XPO Logistics

Logistics done differently.

Are you ready to take your career to new heights? Join XPO Logistics, a company named among the most admired in the world by Fortune and one of America’s best employers by Forbes. As the Senior Auditor, IT Controls, you will work as part of a team to provide use of the Governance Risk and Compliance (GRC) tool supporting IT control risks and General Data Protection Regulation (GDPR) risks. You will also provide project management and support for IT SOX control risks and initiatives. This role is critical in positioning XPO for long-term success. With us, you’ll have the support to excel at work, and the resources to build a career you can be proud of.


Pay, benefits and more.

We are eager to attract the best, so we offer competitive compensation and a generous benefits package, including full health insurance (medical, dental and vision), 401(k), life insurance, disability and the opportunity to participate in a company incentive plan.


What you’ll do on a typical day:

  • Act as a dedicated single point of contact for GRC tool use and risk management support
  • Provide information/support for business impact assessments and maintenance of the IT/InfoSec risk register
  • Offer subject matter expertise to senior management in identifying and assessing internal and external risks, determining control objectives and monitoring compliance efforts through use of the GRC toolset
  • Develop the design for monitoring and testing for GDPR risks, developing a plan of testing and carrying out the testing in alignment with global methodology with GRC tool management
  • Design, implement and obtain approval of effective management information and reporting, including local and global dashboard and metric reporting on compliance findings for all meaningful internal GRC-based compliance
  • Liaise with internal multifunctional teams, including Information Security, Technology, Infrastructure, Legal, Finance, Product, etc.; partner with vendors and external clients
  • Provide audit and project management support for IT SOX and risk management initiatives
  • Manage assignments, schedules, status reporting and alignment to the project’s methodology in conjunction with the program/project manager
  • Maintain key documents and processes; provide clear verbal/written communication to project partners and management

What you need to succeed at XPO:

At a minimum, you’ll need:

  • Bachelor’s degree in Business, Technology, Finance or a related field
  • 6 years of experience in Information Technology
  • 4 years of demonstrable experience in IT audit or in a risk advisory role
  • Experience with IT GRC/IRM platforms (Oracle, RSA Archer, MetricStream, etc.)
  • Deep understanding of IT SOX risk control elements and risk governance
  • Proven effective communication and presentation skills with an understanding of the reporting and communication styles required for various levels of management reporting

It’d be great if you also have:

  • Certified CISA, CISM or CISSP and/or ISO 27001 Lead Auditor certification
  • 2 years of experience in project and program management
  • Experience with automation and finding efficiencies to improve programs and processes
  • Validated interpersonal, leadership and collaboration skills with the ability to effectively influence and motivate project teams
  • Excellent verbal and written communication skills
  • Strong complex problem-solving and analysis skills
  • Process and detail-driven work style

Be part of something big.


XPO is a leading provider of cutting-edge supply chain solutions to the most successful companies in the world. We help our customers manage their goods most efficiently using our technology and services. Our greatest strength is our global team – energetic, innovative people of all experience levels and talents who make XPO a great place to work.


We are proud to be an Equal Opportunity/Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, sex, disability, veteran or other protected status.


The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed.

Nearest Major Market: Charlotte