Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Ellit Groups

Governance, Risk and Compliance Analyst

Ellit Groups

GRC Analyst at Carousell developing Sarbanes-Oxley IT controls framework for IT governance. Leading internal audit program and collaborating with key stakeholders in compliance efforts.

Posted 7/15/2026full-timeRemote • 🇮🇳 IndiaJuniorMid-LevelWebsite

Core Competencies

Role fit
Core Competencies

Use this summary to align your resume positioning with the role.

Demonstrates expertise in IT Governance, Risk, and Compliance (GRC) with a strong focus on Sarbanes-Oxley (SOX) IT controls, including the design and implementation of unified control frameworks. Proven ability to lead internal audits, manage IT risk, and collaborate with cross-functional teams to enhance control effectiveness.

Highest-signal resume keywords
SOX 404 IT Controls Program ManagementCOSO and COBIT Framework ImplementationIT Audit and Risk ManagementIdentity and Access Management (IAM)CISA, CRISC, CISM, or CGEIT Certifications

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
IT GovernanceRisk ManagementCompliance Program DevelopmentInternal AuditControl Framework DesignSOX IT RACM ProgramFramework AnalysisModern Authentication ProtocolsIT Operations ConceptsProject Management
Soft Skills
Exceptional CommunicationPresentation SkillsCollaborationLeadership
Tools & Technologies
JiraTicketing Systems
Certifications & Qualifications
CISACRISCCISMCGEIT
Industry Keywords
Sarbanes-Oxley (SOX)COSOCOBITISO 27001NISTPCI-DSSCyber Trust MarkSOC1

About the role

Key responsibilities & impact
  • Build, lead, and mature the IT Governance, Risk, and Compliance program.
  • Architect the new Sarbanes-Oxley (SOX) IT controls framework.
  • Establish and lead the company's annual internal IT audit program.
  • Design and implement a unified control framework that is both compliant and practical.
  • Collaborate closely with key stakeholders like SaaS owners, Legal, Finance, and Security Engineering.
  • Lead the development, documentation, and implementation of the SOX IT RACM Program.
  • Proactively drive IT control maturity milestones.
  • Lead control harmonization efforts by analyzing multiple frameworks.
  • Establish and lead internal audits and assessments to evaluate control effectiveness.
  • Act as a hands-on technical GRC expert, validating controls directly in systems.
  • Lead GRC advisory and remediation sessions with system owners.
  • Establish and lead risk identification workshops.

Requirements

What you’ll need
  • Bachelor's Degree (or equivalent) in Information Technology, Computer Science, IT Audit, or a related field.
  • 2 - 5 years of progressive experience in IT Audit, IT Risk Management, or IT GRC.
  • Demonstrable, hands-on experience in building, implementing, and/or managing a SOX 404 IT controls program is essential.
  • Expert-level knowledge and practical implementation experience with COSO (for ICFR) and COBIT (for ITGCs).
  • Strong understanding of other frameworks like ISO 27001, Cyber Trust Mark, CCF, NIST, and PCI-DSS is also required.
  • Deep experience in managing and responding to external audits, particularly SOC1.
  • Demonstrate a strong understanding of modern authentication and authorization protocols (e.g., SSO, OAuth, SAML).
  • Understand Identity and Access Management (IAM) concepts, including roles, privileges, permissions, and the difference between default/built-in vs. custom accounts/groups.
  • Be technically proficient enough to navigate the configuration settings of diverse systems to find evidence.
  • Understand IT operations concepts, including batch jobs, incident management, and the use of ticketing systems (like Jira) and audit trails as evidence.
  • An aptitude for and keen interest in learning new technologies.
  • Professional certifications such as CISA, CRISC, CISM, or CGEIT are highly preferred.
  • Proven ability to manage complex projects, drive milestones, and lead cross-functional initiatives.
  • Exceptional communication and presentation skills.

Benefits

Comp & perks
  • Employees can work remotely