Security Analyst

JPS Tech Solutions Logo
JPS Tech Solutions
Seattle, WA, United States
  • IT
  • FullTime
  • Applications have closed

Job Category: Analysts

Job Type: Hybrid

Job Location: Seattle Washington

Compensation: Depends on Experience

W2: W2-Contract Only; Kindly note that applications on a C2C basis will not be considered for this role.

Job Description Job Description: About This Team The lululemon Cybersecurity team enables lululemon to conduct its global operations in a secure

manner and safeguard the trusted information of its guests and users. This is accomplished by

understanding business risk as manifested through cybersecurity and compliance risk, and by

maintaining a high degree of employee awareness of all security and compliance topics. To further

enhance our team, we are looking for a GRC Compliance Specialist, with demonstrated expertise with

SOX 404, specifically with respect to IT General Controls

A Day In The Life In this role, you will work collaboratively with the Cybersecurity GRC team along with stakeholders

across the business to assess, review, verify, and and audit technology controls related to GRC

Compliance. The GRC Compliance Specialist will be responsible for coordinating the collection of

evidence, walkthrough meetings, remediation, and ensuring that teams are educated on what is

required of them.

Following Are Key Areas Of Responsibility For This Role

  • Responsible for assisting with the delivery of the IT SOX program and ensuring the effectiveness

of lululemon’s technology internal control environment.

  • Responsible for documenting the SOX control design narratives and SOX control operating

effectiveness testing for in-scope systems and tools.

  • Works collaboratively with stakeholders across technology and system stakeholders to ensure

effective technology controls are in place to meet SOX requirements.

  • Serves as a subject matter expert (SME) for SOX IT compliance across the organization.
  • Proactively communicates changes in regulatory or audit requirements to teams and helps drive

the implementation of new or updated controls.

  • Partners with Global Architecture and Technology teams to understand current and future

strategies that may impact SOX-relevant systems and processes.

  • Identifies, evaluates, documents, and monitors the remediation of control deficiencies, with an

emphasis on assisting process and IT control owners in timely and effective remediation.

  • Assists with quarterly SOX control certifications and management attestations.
  • Automates and assists in gathering audit evidence for internal and external SOX audits.
  • Applies a risk-based approach to planning, executing, and reporting on SOX-related audit

engagements.

  • Creates efficiencies for audit engagements by establishing and maintaining document request

lists and centralized evidence repositories.

  • Provides metrics and reporting decks to demonstrate that the IT SOX program delivers expected

outcomes and effectively supports business objectives.

Qualifications

  • 5+ years of experience in Security GRC, IT Audit, or a related field, with a strong focus on SOX

compliance and IT General Controls (ITGCs) in a retail environment

  • Big 4 IT Audit experience or similar is required, with demonstrated expertise in evaluating and

testing ITGCs and application controls supporting financial reporting

  • Deep understanding of SOX Section 404 requirements, including risk assessment, control design,

and effectiveness testing

  • Experience working with internal and external auditors, including managing walkthroughs,

evidence collection, and audit issue resolution

  • Strong knowledge of ITGC domains such as access controls, change management, IT operations,

and system development lifecycle (SDLC)

  • Familiarity with retail-specific systems (ex. Oracle EBS, Retail Management Systems, Order

Management Systems, Warehouse Management Systems) and how they intersect with SOX

compliance

  • Experience with cloud platforms (e.g., AWS, Azure), SaaS applications, and their implications for

SOX controls

  • Proficiency in using GRC tools like ServiceNow, to streamline audit workflows and evidence

management

  • Proven ability to drive remediation efforts, track control deficiencies, and support control

owners in implementing sustainable solutions

  • Strong communication and stakeholder management skills, with the ability to influence cross-

functional teams and align on compliance priorities

  • Demonstrated ability to work in a fast-paced, global retail environment, managing multiple

priorities and time zones

  • Professional certifications such as CISA, CPA, or CIA are required

Apply Online

Your Name Your Phone Number

Your Email Address Job Id

JPS-4823

What is your current visa status? * Select

Enter Other Valid Visa

W2 or C2C *

Select

Where are you currently located at? How many years of relevant experience you have?

Do you require h1b sponsorship? * Select

Upload Resume *

Choose a file

No file chosen.

Facebook X LinkedIn WhatsApp

Apply for job