logo inner

Senior Analyst, IT Internal Control

BluefinAtlanta, Georgia, United StatesHybrid, Onsite
We are seeking a Senior Analyst, IT Internal Control to further develop and maintain the Bluefin IT system of internal controls, following internal control framework guidance, regulatory requirements, and industry best practices. The Senior Analyst, IT Internal Control will work with functional area leadership to identify and assess key process risks and evaluate internal control effectiveness. This role reports to the SVP, Internal Control.
The ideal candidate will have experience in the following areas: 

  • Facilitating and conducting IT process risk assessments, testing internal control design and operational effectiveness, and identifying control gaps.
  • Conducting information security management systems (ISMS) reviews/audits.
  • Experience in the payment/data security and/or payment processing environments, familiarity with the PCI-DSS and PCI-P2PE, and a working knowledge of SOC 2 and ISO 27001 certification. 

Include the following and other duties may be assigned:

  • Facilitate and review IT process risk assessments conducted by functional area leadership.
  • Evaluate and test IT internal controls design and operational effectiveness.
  • Identify, report, and monitor remediation of IT internal control gaps.
  • Ensure compliance with regulatory requirements (e.g., PCI-DSS, PCI-P2PE, GDPR, etc.).
  • Identify opportunities for process improvements to enhance IT internal controls.
  • Conduct internal review/audit of the information security management system (ISMS). 
  • Assist management in the identification and selection of a new GRC/IRM tool replacement, and implementation efforts.
  • Assume business owner duties for internally built tool, Risk and Control (RAC) Salesforce application, and/or its replacement. Includes management and monitoring of bug remediation and development projects led by Salesforce Administration team or replacement tool vendor.
  • Generate and/or maintain GRC tool user guides.
  • Perform analysis to determine proper data validation for all data elements used in projects.
  • Analyze existing data and database schema.
  • Generate process flow maps as needed for process improvement projects. 

To perform this job successfully, the individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodation may be provided to enable individuals with disabilities to perform the essential functions:

  • Strong knowledge of internal control frameworks (e.g., COSO, COBIT, etc.).
  • Knowledge and experience with security compliance frameworks (e.g., SOC 2, ISO 27001)
  • Experience performing IT internal audits
  • Strong knowledge of Microsoft Visio.
  • Experience / strong working knowledge of relational databases. 
  • Experience working multiple concurrent projects.
  • Meticulous attention to detail to ensure accuracy and completeness of documentation.
  • Strong interpersonal skills, including verbal and written skills.
  • Demonstrated ability to facilitate collaborative discussions.
  • Ability to work independently, take initiative, and contribute to new ideas required in a diverse, fast-paced, deadline-driven team environment.
  • Experience discussing and presenting ideas to technical and non-technical audiences.
  • Organizational and analytic skills, with strong problem-solving ability.
  • Experience using common business software such as Word, PowerPoint, and Excel

Computer Skills: Advanced computer skills in Word, Excel, Outlook, and Salesforce with the ability to multi-task.The above job description is not intended to be an all-inclusive list of duties and standards of the position.  Incumbents will follow any other instructions, and perform other related duties, as assigned by their supervisor. Additional Qualifications:

  • Understanding developer logic, ability to think logically, and understanding of software limitations.
  • Working knowledge of user acceptance testing

  •  Bachelor's degree or equivalent (e.g., Information Technology, Information Security, Accounting, or related field).
  • 5+ years’ experience in IT audit, internal control, GRC, or related areas. 
  • Professional certifications (e.g., CISA, CIA, CRISC, CRMA) are a plus
  • Knowledge of payment/data security and/or payment processing industries preferred.


Life at Bluefin

BLUEFIN, LLC is a national roof, pavement, and building envelope consultant serving clients with large facility footprints. We focus on these areas because theyᅢᄁ¬ツᆲ¬トᄁre typically the largest investments for our clients. They also hold the greatest opportunities to improve facility performance. We deliver an innovative portfolio approach to asset management that significantly reduces costs while improving facility performance. Examples of our current work include: System-wide roof and pavement asset management for 50 schools for a public school district in CO. Pavement management for one of the largest freight railroad networks in North America Roof management for the DC Department of General Services, including assessment, preventive maintenance, leak response, capital planning, design and construction quality assurance. Design and program management of Washington DC SmartRoof program, the nationᅢᄁ¬ツᆲ¬トᄁs first comprehensive, roof-based, clean technology implementation, deploying solar PV, vegetated roofs, and cool roofs on city-owned facilities. Roof management for a large oil services company on over 500 facilities in the US and Canada management including assessment, capital planning, leak response, design management and construction quality assurance. Roof asset management program for over 60M square feet of roofs to the US Air Force nationwide. Management of roof, pavement and building envelope assets for a very large, nationally dispersed food processing company. BLUEFIN, LLC is a privately held company. While we have extensive relationships among contractors and material product suppliers throughout the industries we serve, we maintain complete financial independence and objectivity so that we can put the ownerᅢᄁ¬ツᆲ¬トᄁs priorities first in all of our business dealings. Our headquarters is in Denver, Colorado and we have offices throughout the U.S.
Thrive Here & What We Value- Decentralized Exchange Infrastructure- Early Stage Development- Experienced Team- Shared Passion for Learning- Relentless Drive to Improve- Customer Focus- Collaborative Environment- Agile Methodology- Open Communication- Continuous Innovation
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025