Remote IT Governance Risk and Compliance Analyst

June 5, 2024

Job Description

The IT Governance, Risk, and Compliance Analyst supports the ZEPZ Governance program, focusing on advancing the GRC function through the adoption of processes and principles that mitigate risk and add value. Key responsibilities include:

  • Implementing IT Governance, Risk, and Compliance solutions in alignment with ZEPZ policies and frameworks, with a focus on IT Governance principles and practices.
  • Developing and implementing IT Governance policies, processes, procedures, and controls in relation to ZEPZ.
  • Creating and implementing IT Governance Frameworks, IT Controls, assessment recommendations, and action plans approved by management and aligned with international and financial industry standards (e.g., COBIT, ITIL, ISO, NIST, PRINCE2, CMM).
  • Maintaining IT alignment activities, including report submissions, across various governance committees and structures.
  • Reviewing control documents, coordinating meetings, mediating assessment findings, assisting control owners with remediation plans, tracking remediation progress, and escalating issues as needed.
  • As the first line of defense (1LOD), assisting in assessing the adequacy of business continuity/disaster recovery plans with Risk Management, identifying potential system threats, and evaluating the impact of adverse events in line with the second line of defense (2LOD).
  • Contributing to the development, adoption, and compliance of the IT governance framework across all business areas.
  • Performing design and process analysis and control testing for IT business processes affecting IT Governance and other audit and exam assessments.
  • Facilitating the adoption and continuous improvement of planning practices and processes within IT and the broader business.

Skills and Experience:

  • Defining and deploying enterprise IT policies, controls, processes, performance tracking, dashboards, technology, and tools.
  • Ensuring organizational compliance and control effectiveness through communication, regular practice checks, and continuous improvement of policies and processes.
  • Acting as a Subject Matter Expert in IT methodologies, policies, and practices, ensuring alignment with documented designs, policies, processes, and standards.
  • Providing guidance on architecture and business initiatives to achieve organizational goals in design, IT methodologies, processes, and policies.
  • Coordinating with internal business units on technology compliance, audit, and regulatory inquiries, representing IT from an information security, recovery, and technology risk perspective, and ensuring consistent and factual analysis, findings, responses, and mitigation.
  • Driving IT organizational performance and managing IT initiatives and services through the use of tools, data, reports, and dashboards.
  • Ensuring effective and regular monitoring, analysis, investigation, strengthening, and protection of business technology assets and data.
  • Participating in industry forums and consortiums to represent business interests and set standards and practices.

Qualifications:

  • At least three years of IT governance experience, preferably in a FinTech or similar organization.
  • An organized thought process with a passion for technical writing, structure, control, and governance.
  • Experience transitioning from a technical IT role to driving IT governance in the organization.
  • Familiarity with ICT Business areas such as Consulting, Managed Services, Cloud Services, etc.
  • Exposure to various IT facets such as Projects, Delivery Support, Infrastructure, Software Development.
  • At least four years of experience with IT Governance and controls frameworks (e.g., COBIT, ITIL/ITSM, Project and Software Development, ISO, InfoSec/Data Privacy).
  • Experience in developing and deploying integrated IT frameworks, methodologies, policies, processes, procedures, and templates.
  • Experience introducing efficiency and deploying IT tools to operations and projects.
  • Familiarity with IT audits, Information Security, Data Privacy, Information Systems Audit requirements, and other IT risk management or due diligence practices.

Salary and Compensation:

Estimated salary based on similar roles: $50,000 — $110,000/year.

Benefits:

  • 401(k) and 401(k) matching
  • Distributed team
  • Async work
  • Vision, Dental, and Medical insurance
  • Unlimited vacation and paid time off
  • Four-day workweek
  • Company retreats and coworking budget
  • Learning budget
  • Free gym membership and mental wellness budget
  • Home office budget
  • Option to be paid in crypto
  • Profit sharing and equity compensation
  • No whiteboard interviews or monitoring system
  • No workplace politics
  • Inclusive hiring of all ages