IT Controls and Processes Analyst (Level I)

The IT Controls and Processes Analyst is primarily responsible for the execution and management of ITIL and ITSM processes within Shared Services IT, such as incident management, change management, asset management, software license management, and vendor management. This role ensures that IT processes are aligned with organizational objectives and regulatory requirements while maintaining process documentation and driving continuous improvement.

In addition to process-focused responsibilities, the IT Controls and Processes Analyst supports the overall IT internal controls program by documenting controls, implementing controls, curating evidence, and assisting with audits and compliance-related activities. Individual positions within this family will typically specialize in certain areas such as specific control areas or process areas and will function as process managers on a day-to-day basis, serving as a change manager, incident manager, or asset manager, depending on specialization.

The IT Controls and Processes Analyst may also be engaged in broader IT initiatives to provide additional resources and expertise for key IT projects and strategic efforts. Collaboration with IT teams, stakeholders, and auditors is critical for ensuring the success of processes, controls, and other organizational priorities.

This position requires a strong customer service focus, positive attitude, and good oral and written communications skills.

Responsible for compliance with all applicable laws, regulations, industry standards, corporate policies, guidelines and procedures, including but not limited to, RUS, OSHA, SOX, NERC, FERC and ITS requirements. Promotes an environment of compliance and continuous improvement to meet the Corporation's goals and objectives.

Job Duties:

- Process Management: Execute and oversee ITIL and ITSM processes, including incident management, change management, asset management, and software license management. Serve as a process manager (e.g., change manager, incident manager, or asset manager) and provide backup support for other IT processes as needed. Ensure processes align with organizational goals and comply with standards

- Controls Support: Support the IT internal controls program by documenting controls, curating evidence, and assisting with audits and compliance requirements (e.g., SOX, NERC CIP). Collaborate with internal and external auditors to support assessments and assist with remediation plans for audit findings.

- Tool Administration: Administer and maintain the ITSM application and GRC tool to support ITIL processes and the IT controls program. Troubleshoot tool-related issues, ensure updates and patches are applied, and drive improvements in tool utilization to support organizational goals.

- Documentation and Reporting: Maintain and review process documentation to ensure accuracy and timeliness. Produce reports and metrics to measure process performance and compliance. Develop and update policies, standards, and workflows as needed.

- Continuous Improvement: Identify opportunities to enhance ITIL and ITSM processes. Collaborate with stakeholders to implement process improvements and optimize workflows. Proactively monitor process performance and recommend enhancements.

- Collaboration and IT Initiatives: Work closely with IT teams and business stakeholders to ensure adherence to processes and compliance standards. Provide additional support and expertise for key IT initiatives and strategic projects as needed. Foster a culture of continuous improvement and collaboration.

Required Qualifications:

Education: A Bachelor's degree in Computer Science, Business Administration, Information Technology, Engineering, Science, or a related field from an accredited college or university.

Experience: Entry-level position requiring exposure to ITIL and ITSM processes and basic understanding of IT controls.

Equivalent Experience: Minimum of 4 years of relevant experience may also be considered.

Responsibility: Assists in the execution of ITIL and ITSM processes (e.g., incident management, change management) and supports IT controls documentation with supervision. Provides basic support for ITSM and GRC tools under guidance.

Licenses, Certifications, and/or Registrations: The following relevant certifications are a plus:

- - (Strongly Desired) ITILv3 or ITILv4 Foundation

- Certified Information Systems Auditor (CISA).

- Certified in Risk and Information Systems Control (CRISC)

- Certified Information Systems Security Professional (CISSP).

- Certifications in ITSM platforms (e.g., Ivanti, ServiceNow).

- Lean Six Sigma Green/Black Belt

- Project Management Professional (PMP)

- Certified ScrumMaster (CSM)

- COBIT Certification

Specialized Skills:

- Process Expertise:

- Strong understanding of ITIL and ITSM processes, including incident management, change management, asset management, and problem management.

- Knowledge of compliance frameworks such as SOX, NERC CIP, and other regulatory standards.

- Tools and Technologies:

- Experience with ITSM platforms (e.g., Ivanti, ServiceNow) and GRC tools.

- Proficiency in configuring, maintaining, and optimizing ITSM workflows and GRC tool integrations to support ITIL processes and IT controls.

- Development of PowerBI dashboards

- Soft Skills:

- Strong verbal and written communication skills.

- Excellent organizational and time management skills.

- Analytical and creative problem-solving skills.

- Ability to establish and maintain effective working relationships across technical and non-technical teams.

- Other Skills:

- Familiarity with audit processes and evidence curation.

- Ability to identify opportunities for process improvements and drive implementation.

- Proficiency in producing metrics and reports to measure process performance and compliance.