IT Risk Analyst II

About Advanced Energy
Advanced Energy Industries, Inc. (NASDAQ: AEIS), enables design breakthroughs and drives growth for leading semiconductor and industrial customers. Our precision power and control technologies, along with our applications know-how, inspire close partnerships and innovation in thin-film and industrial manufacturing. We are proud of our rich heritage, award-winning technologies, and we value the talents and contributions of all Advanced Energys employees worldwide.

Position Summary:
The position is responsible for collaborating with IT and Business personnel to ensure we meet our Information Security and GRC objectives. This individual will work cross-functionally to establish guidelines and standards to mature the effectiveness of our compliance and ensure controls are effectively implemented to mitigate risk. In addition to requiring adequate information security controls, data protection, privacy and software development practices, this role is responsible for supporting the organizations ability to comply with all laws, rules and regulations governing the company’s technology, including third parties and vendor dependencies.

The ideal candidate will have prior experience working with effective GRC or audit programs and demonstrated capabilities to collaborate with a broad set of stakeholders across both IT and the business. The position requires a diverse background to understand a variety of systems, including new technologies and legacy systems used by lines of business and vendors. Reporting to the Manager, IT GRC, this position will play a critical role in sustaining our existing environment, strive for excellence and additional maturity throughout our processes, and nurture a compliance and security engaged culture across the organization.

Responsibilities:

• Provide support across the IT organization in effectively and efficiently meeting our SOX and regulatory compliance requirements. This will include assisting IT teams in meeting current control execution requirements.
• Support development, enforcement, and continuous improvement of IT policies and standards, ensuring alignment with risk, security, and compliance requirements.
• Track and manage compliance exceptions, issues, and remediation plans to closure, including risk acceptance documentation when required.
• Partner with internal and external auditors to validate controls for compliance.
• Uphold policy and rigor in the third party risk assessment process used by all business units.
• Conduct compliance assessments for IT projects, evaluating impacts related to security, privacy, and control requirements.
• Applies critical thinking to generate new thoughts and opportunities; has ability to collaborate and build on innovative thoughts/ideas.
  
  
  

Qualifications:

• Bachelors degree required in IT, Computer Science, Information Security or related field.
• CISA, CISM, and/or CISSP certifications preferred
• Minimum of 4 years of relevant work experience including proven ability to successfully support critical IT compliance related programs; ideal candidate will likely have 5-6 years of experience.
• Strong interpersonal skills, with an emphasis on teamwork, collaboration, initiative and integrity.
• Strong documentation and presentation skills, including documenting control narratives, process documents, and evidence evaluation, in an ITGC environment.
• Strong understanding of Enterprise and Operational technologies (Networking, Server Management, End Point Management, Cloud environments, SAP tools, Change Management tools)
• Proficient understanding of business focus and processes and the ability to inject IT compliance into the business through teamwork and influence.
• Proficiency with relevant IT regulatory and control frameworks (e.g., SOX, GDPR, ISO, NIST, COBIT).
  
  
  

As part of our total rewards philosophy, we believe in offering and maintaining competitive compensation and benefits programs for our employees in order to attract and retain a talented, highly engaged workforce. Our compensation programs are focused on equitable, fair pay practices including market-based base pay, an annual pay-for-performance incentive plan, we offer a strong benefits package in each of the countries in which we operate.

Advanced Energy is committed to diversity in its workforce including Equal Employment Opportunity for Minorities, Females, Protected Veterans, and Individuals with Disabilities.
We are committed to protecting and respecting your privacy. We take your privacy seriously and will only use your personal information to administer your application in accordance with the RA No. 10173 also known as the Data Privacy Act of 2012.

---