
Sr IT Compliance Analyst

Mesa Laboratories, Inc.
life insurance, vision insurance, sick time, flex time, 401(k)
United States, Colorado, Lakewood
12100 West 6th Avenue
Jan 27, 2025
Description

Are you looking for an opportunity to make a difference? At Mesa Labs we're passionate about protecting the vulnerable by enabling scientific breakthroughs, ensuring product integrity, increasing patient and worker safety, and improving quality of life around the world.

At Mesa Labs we offer competitive wages, including potential bonus opportunities, equity awards, commission, and a comprehensive benefits package based on the position.

Base Compensation Range: $107,000 - $120,000

In addition, you qualify for:

* Annual bonus opportunity of 15% based on company performance

* Annual equity award of $10,000

Outstanding Benefits and Perks:

We are proud to offer a variety of benefits that meet the diverse needs of our employees:

* Eligible for benefits the first day of the month after you start

* Tiered Medical, Dental and Vision Insurance options, Health savings (HSA), healthcare & dependent care flexible spending (FSA) accounts

* Company paid short term and long-term disability (unless covered by a state disability plan)

* Company paid life insurance and AD&D

* Flexible Time Off Policy

* Paid sick leave of 48 hours per calendar year

* Eligible employees may receive four (4) weeks paid Care Giver leave after 1 year of service or in accordance with state leave laws

* 401(k) plan that provides a 4% Safe Harbor company match on a 4% employee contribution that begins on Day 1

* Employee Wellness and Financial Assistance Resources through Cigna and NY Life

* Nine (9) paid company holidays per year

At Mesa Labs, we apply technical expertise and technological innovation to improve quality of life for patients, workers, and consumers worldwide. Our products and services directly impact the critical environments that advance medical breakthroughs, keep industry moving, and ensure the safety of products we use every day.

Job Summary:

The Sr IT Compliance Analyst, who supports our corporate business, is responsible for ensuring the organization's IT environment meets and maintains compliance with key regulatory frameworks, primarily SOX, while also supporting other regulatory needs such as GDPR and internal information security policies. This individual will serve as the "go-to" resource for ongoing internal control testing, audit preparation, remediation tracking, and collaboration with other departments to strengthen our internal control environment.

Duties/Responsibilities:



  • Execute monthly, quarterly, semi-annual, and annual testing of IT General Controls (ITGCs), including access management, change management, backup and recovery, and system operations controls.
  • Identify control deficiencies, track remediation efforts, and verify that corrective actions have been effectively implemented.
  • Coordinate with internal and external audit teams to ensure the timely and accurate delivery of audit documentation.
  • Assist in mapping IT processes to GDPR requirements (or other data privacy regulations) and help coordinate efforts to close gaps.
  • Work closely with internal stakeholders to ensure that data handling, data subject access requests, and retention policies align with regulatory expectations.
  • Proactively identify opportunities to streamline ITGC processes, reduce manual effort, and enhance control effectiveness.
  • Contribute to tool evaluations or process automation solutions that improve the efficiency and reliability of controls testing and monitoring.
  • Maintain and update control documentation, policies, and procedures to reflect current best practices and changing regulatory requirements.
  • Partner with the Information Security team to ensure alignment between security frameworks (e.g., ISO 27001, NIST CSF) and compliance controls.


Education/Experience:



  • Bachelor's degree in computer science or related field with 5+ years of experience in a similar role such as Governance, Risk, and Compliance (GRC) or IT auditor.
  • Experience in SOX ITGC testing is crucial. Familiarity with other regulatory frameworks (GDPR, HIPAA, PCI-DSS) or industry standards (ISO, NIST) is highly desirable.


Knowledge and Skills Required:



  • Critical thinking - ability to use logic and reasoning to identify the strengths and weaknesses of alternative solutions or approaches to resolving problems.
  • Experience working with productivity tools such as MS Office.
  • Ability to work effectively and professionally with technology staff, business stakeholders, end users, management, and others outside the organization.
  • Ability to assist the information security team in monitoring security tools and systems, such as Data Loss Prevention (DLP) solutions, endpoint detection and response (EDR) tools, and vulnerability management, is highly preferred.
  • Ability to monitor Microsoft 365 security recommendations and implement appropriate configurations to enhance security posture is highly preferred.


Mesa Labs is an Equal Employment Opportunity Employer.

Mesa Labs prohibits unlawful discrimination and harassment against applicants or employees based on age, race, sex, color, religion, creed, national origin or ancestry, disability, military status, sexual orientation, or any other status protected by applicable state or local law.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)