IT Audit & Compliance Analyst

Mascoma Bank

$80K — $90K *
US-Anywhere
+ 2 other locationsRemote
Finance & Insurance
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in information systems, Computer Science, or related field, or equivalent experience.
  • 3-5+ years in IT audit, IT controls, information security, or IT risk, preferably in banking or regulated environment.
  • Familiarity with GLBA, FDICIA, IT general controls, and NIST Cybersecurity Framework.
  • Experience in conducting user access reviews and IT control testing.
  • Strong analytical, organizational, and documentation skills.
  • Ability to communicate risk and control concepts to diverse audiences.
  • Independent worker capable of managing multiple tasks discreetly.

Responsibilities

  • Perform user access reviews across various banking and IT systems.
  • Evaluate access according to least-privilege and role-based principles.
  • Identify and document access issues, working with system owners to resolve them.
  • Review privileged access on a defined schedule.
  • Ensure timely access management in collaboration with HR and IT.
  • Maintain documentation for audit and regulatory requirements.
  • Assess effectiveness of IT general controls and recommend improvements.
  • Test adherence to IT policies and identify process gaps.
  • Collaborate with managers to establish appropriate access profiles.
  • Document role-based access templates to strengthen controls.
  • Educate managers on access request standards and compliance responsibilities.
  • Coordinate with IT, Risk, and Compliance teams for audits and remediation.

Benefits

  • Supportive work environment fostering professional development.
  • Comprehensive health and wellness programs.
  • Opportunities for certifications and continuous education.
  • Flexible schedule options.
  • Commitment to community involvement and support.
Full Job Description
Mascoma Bank is looking for an IT Audit & Compliance Analyst to join our Information Technology team. In this role, you will support the Bank's technology risk, audit, and access governance programs by reviewing user access, evaluating internal IT controls, and helping ensure our systems and practices meet regulatory, audit, and information security expectations.

What You'll Do
• Perform scheduled and risk-based user access reviews across core banking, lending, deposit, digital, infrastructure, cloud, and third-party systems.
• Evaluate access against least-privilege, segregation-of-duties, and role-based access control principles.
• Identify and document access concerns such as dormant, terminated, shared, or over-privileged accounts, and partner with system owners to drive timely remediation.
• Review privileged, administrative, service, and emergency access on a defined cadence.
• Verify timely access provisioning, transfers, and de-provisioning in partnership with People Resources and IT Support.
• Maintain accurate evidence, documentation, and audit trails to support internal audit, external audit, and regulatory examination needs.
• Assess the design and operating effectiveness of IT general controls across areas such as change management, logical access, computer operations, backup and recovery, and incident response.
• Test adherence to IT policies, standards, and procedures, and identify gaps between documented processes and actual practice.
• Partner with business line managers to determine appropriate system access profiles for new or changing roles.
• Recommend and document role-based access templates that support strong controls and effective business operations.
• Help managers understand access request standards, recertification responsibilities, and the business rationale for control requirements.
• Coordinate with IT, Risk, and Compliance teams to support audit plans, regulatory requests, evidence gathering, issue tracking, and corrective action follow-up.

What We're Looking For
• Bachelor's degree in information systems, Computer Science, or a related field, or an equivalent combination of education and experience.
• 3-5+ years of experience in IT audit, IT controls, information security, identity and access management, or IT risk, preferably in banking, financial services, or another regulated environment.
• Working knowledge of GLBA, FDICIA, IT general control expectations, and NIST Cybersecurity Framework concepts.
• Experience conducting or supporting user access reviews and IT control testing.
• Strong analytical, organizational, and documentation skills.
• Ability to communicate risk and control concepts clearly to both technical and non-technical audiences.
• Ability to work independently, manage multiple reviews at once, and handle confidential information with discretion.
• Relevant certifications such as ISACA IT Audit Fundamentals, CISA, or CIA are preferred.

Background and Credit Check

As part of our commitment to maintaining a secure financial institution, all final candidates will be required to successfully complete background and credit screenings as part of the hiring process. These screenings will be conducted in accordance with applicable laws and industry regulations.

Please note: Having a record on a background or credit report does not automatically disqualify you. We evaluate results on a case-by-case basis, considering their relevance to the role and any regulatory requirements.

Salary Description

$80,000 - $90,000 depending on experience

Similar Jobs

More Jobs at Mascoma Bank

  • IT Audit & Compliance Analyst
    $80K — $90K *
    Remote
    Finance & Insurance
    Remote
  • Asset Manager
    $84K — $109K *
    Portland, ME 04103 (Cumberland County)
    Finance & Insurance
    In-Person
  • Asset Manager
    $84K — $109K *
    Hanover, NH 03755 (Grafton County)
    Finance & Insurance
    In-Person
  • Account Executive
    $75K — $125K *
    Remote
    Finance & Insurance
    Remote in United States

More Finance & Insurance Jobs

Find similar IT Audit & Compliance Analyst jobs: