×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security IT Business Analyst

Sr. ITGC​/IT SOX Analyst

Job in Santa Fe, Santa Fe County, New Mexico, 87503, USA
Listing for: Datavant
Full Time position
Listed on 2026-01-24
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, IT Business Analyst
Job Description & How to Apply Below
Position: Sr. ITGC / IT SOX Analyst

Overview

Datavant is a data platform company and the world’s leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format. Our platform enables a secure, accessible, and usable health data network to inform better health decisions. Datavant is trusted by leading life sciences companies, government agencies, and payers and providers.

By joining Datavant today, you’ll be part of a high-performing, values-driven team solving some of healthcare’s most complex problems with technology-forward solutions. Datavanters bring diverse professional, educational, and life experiences to realize our bold vision for healthcare.

What We’re Looking For

As a Sr ITGC / IT SOX Analyst (GRC) within the Security Governance, Risk, and Compliance (GRC) organization, you will lead implementation, remediation, and ongoing management of Information Technology General Controls (ITGCs) within our organization. This is a hands-on role for a self-starter who enjoys solving problems, collaborating cross-functionally, and ensuring compliance excellence in a fast-paced environment. The role ensures IT processes and controls are maintained, compliant with regulatory standards, and aligned with best practices.

This position reports to the Sr Manager of IT Assurance (Security GRC) and will work cross-functionally with IT, GRC, Information Security, Finance, and Compliance teams to address ITGC deficiencies and assessments to drive continuous improvement in compliance programs.

What You Will Do
  • ITGC Program Execution
  • Lead and monitor ITGC testing (access, change management, computer operations, backup/recovery, interfaces)
  • Execute walkthroughs, control design assessments, and test-of-one/ongoing effectiveness procedures
  • Validate completeness and accuracy (C&A) for key reports and data flows; assess IPE
  • Controls Design & Remediation
  • Advise on control design and documentation (risk/control matrices, narratives, process maps)
  • Track deficiencies; partner on root cause analysis and target-state remediation plans
  • Independently verify remediation effectiveness and maintain evidence quality
  • Stakeholder Management
  • Coordinate with external auditors and co-sourced providers; align on scope, reliance, and timelines
  • Communicate findings and status to management; escalate risks proactively
  • Governance & Continuous Improvement
  • Maintain ITGC program artifacts (RACM, population and sample evidence, issue logs)
  • Contribute to controls automation, SoD governance, and periodic access recertifications
  • Support IT policy/standard refreshes and control rationalization
  • Assessment Execution
  • Perform end-to-end assessment: scoping, risk & control assessments, test plans, fieldwork, and reporting
  • Assess IT processes including identity & access management, change/release management, backup/recovery, incident/problem management, vulnerability management, patching, disaster recovery/business continuity, interfaces/integrations, and data quality
  • Perform cybersecurity-themed reviews (e.g., endpoint security, logging/monitoring, vulnerability & patch management, configuration baselines)
  • Advisory & Continuous Improvement
  • Provide practical recommendations that balance risk with operational realities
  • Monitor remediation progress; validate closure and sustainment of fixes
  • Support integrated audits with operational/financial teams; contribute to annual risk assessment and audit plan
  • Reporting & Governance
  • Draft clear reports with prioritized findings, risk ratings, and management action plans
  • Present results to stakeholders; communicate clearly to technical and non-technical audiences
  • Maintain audit methodology and working papers to internal standards; support QA reviews
What You Need to Succeed
  • 4+ years of progressively responsible IT General Controls experience via IT audit/assurance, SOX 404 testing, or IT risk & controls (Big 4 or industry)
  • Hands-on experience testing ITGCs and automated application controls; working with internal and external auditors
  • Strong understanding of access management, change management, computer operations, IPE/C&A, and SoD
  • Excellent communication skills—you can explain control…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search