Carters/OshKosh Senior Analyst, IT Risk and Compliance in Atlanta, Georgia

Senior Analyst, IT Risk and Compliance

Atlanta, GA

  • Date Updated:April 12, 2018Job Level:Mid Career (2+ years)
  • Job Type:Full-Time/RegularYears of Experience:Any
  • Travel:Not SpecifiedLevel of Education:Any
  • Position ID:85329-264031
Job Description

Carter's, Inc. is the largest branded marketer in North America of apparel exclusively for babies and young children. The Company owns the Carter's and OshKosh B'gosh brands, two of the most recognized brands in the marketplace. These brands are sold in leading department stores, national chains, and specialty retailers domestically and internationally. They are also sold through more than 1,000 Company-operated stores in the United States, Canada, and Mexico and online at , , and . The Company's Just One You and Genuine Kids brands are available at Target, its Child of Mine brand is available at Walmart, and its Simple Joys brand is available on Amazon. The Company also owns Skip Hop , a global lifestyle brand for families with young children. Carter's is headquartered in Atlanta, Georgia. Additional information may be found at .

This role will be expected to assist with the implementation of leading security and governance practices, procedures, and controls to protect Carters information assets and ensure compliance with applicable regulatory requirements.

IT Risk Management (45%)

  • Evaluates and updates security policies, procedures, and standards to ensure alignment with applicable security control requirements
  • Assists with the execution of IT security risk assessments against industry leading security controls frameworks
  • Assists in developing controls inventory, performing gap-analysis, and documenting remediation action plans
  • Regularly updates metrics and analysis to track remediation progress and demonstration of control maturity and effectiveness
  • Conducts third-party security and compliance assessments and documents detailed results
  • Coordinates with data owners to ensure accuracy and completeness of sensitive Company information
  • Evaluates the adequacy and effectiveness of safeguards protecting sensitive Company information

IT Compliance (35%)

  • Acts as a supporting point of contact for external and internal IT-related audits
  • Performs periodic reviews of SOX controls and technical security controls to ensure continuous adherence to Company policies and applicable regulations
  • Assists in developing and monitoring SOX remediation plans

Process Improvement (20%)

  • Drives process changes across the organization and acts as Subject Matter Expert (SME) for all compliance related questions
  • Develops process flows, technical diagrams, and control narratives for complex IT environments to aid in asset risk classification
  • Deliver presentations (internal and external to IT) on relevant topics to develop others
Experience and Skills
  • Bachelors degree is required, technical degree is preferred.
  • Professional certification (CISA, CISM, CISSP, CIA or similar) is highly desired
  • Big Four Experience Preferred
  • 6+ years experience in IT with experience in at least 1 of the following areas: SOX audits, internal audit, security risk assessments, information governance, privacy, security awareness, or cybersecurity maturity assessments. Strong preference for experience in 2 or more areas.

Carters is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, genetics, disability, age, veteran status, or any other status protected by federal, state, or local law.

Visit today