Hillwood
Overview
Join to apply for the
IT Senior Analyst
role at
Hillwood . Hillwood, a Perot Company, is a premier real estate investment and development company founded on a culture of integrity, respect, excellence and teamwork. The company is a full-service real estate developer, investor and advisor focused on developing opportunities for investors, partners and communities around the world. See additional details at www.hillwood.com. Position Summary
Hillwood is seeking an experienced and strategic
Senior IT Audit and Compliance Analyst
to join our IT Security and Risk team in Dallas, TX. This role serves as a critical bridge between cybersecurity risk management and ITGC audit coordination, ensuring the organization maintains compliance with regulatory frameworks while proactively identifying and mitigating cyber risks. The Senior IT Audit and Compliance Analyst will lead efforts to streamline audit readiness, enhance control effectiveness, and support enterprise-wide risk initiatives. This position requires a strong understanding of IT governance, exceptional analytical and communication skills, and the ability to collaborate effectively with both technical teams and business stakeholders. As a key liaison with third-party auditors and internal leadership, the selected individual will play a vital role in safeguarding the organization’s operational integrity and regulatory posture. Responsibilities
Risk Management and Strategy: Assess and prioritize cybersecurity risks across critical business systems and processes. Risk Management and Strategy: Align cybersecurity risk management strategies with organizational goals and business objectives. Risk Management and Strategy: Evaluate the cost-effectiveness of security controls and recommend optimized risk mitigation strategies. Risk Management and Strategy: Explore and implement risk transfer mechanisms such as cybersecurity insurance. Risk Management and Strategy: Conduct security reviews and identify gaps in security architecture, recommending mitigation strategies. Risk Management and Strategy: Build and manage remediation plans for risks identified during assessments, audits, and inspections. Audit and Compliance Coordination: Collect, organize, and validate ITGC evidence across infrastructure and applications (e.g., Active Directory, SQL, JDE). Audit and Compliance Coordination: Prepare and manage audit evidence packages for internal and external audits. Audit and Compliance Coordination: Track audit timelines and ensure timely delivery of required documentation. Audit and Compliance Coordination: Maintain audit logs, control matrices, and centralized evidence repositories. Audit and Compliance Coordination: Coordinate with system owners and administrators to retrieve and verify access control data. Audit and Compliance Coordination: Serve as the primary point of contact for third-party auditors and internal stakeholders. Audit and Compliance Coordination: Review authorization and assurance documents to confirm acceptable risk levels for systems and applications. Audit and Compliance Coordination: Perform risk analysis when systems undergo major changes. Policy and Governance Support: Review internal cybersecurity policies and procedures annually to ensure alignment with regulatory standards. Policy and Governance Support: Ensure implementation and functionality of security requirements and IT policies consistent with organizational goals. Policy and Governance Support: Provide subject matter expertise to internal risk and compliance departments. Policy and Governance Support: Support third-party risk management efforts and ensure compliance with applicable regulations and policies. Required Skills and Abilities
Strong analytical and problem-solving skills with the ability to interpret audit findings and develop remediation strategies. Excellent organizational and communication skills, with the ability to manage multiple priorities. Ability to collaborate effectively with cross-functional teams including IT, HR, Finance, and Legal. Ability to communicate business risk and mitigation strategies to stakeholders. Understanding of access provisioning and deprovisioning workflows. Knowledge of regulatory frameworks and standards (e.g., SOX, NIST RMF, ISO 27000, COBIT). Education & Experience
Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity, or a related field. CISA, CRISC, CISSP, or CISM certifications are a plus. 5+ years of experience in IT audit, cybersecurity risk management, or enterprise risk management. Experience working with GRC platforms (e.g., ServiceNow IRM) and enterprise systems (e.g., Active Directory, SQL, JDE). Experience with regulatory compliance and risk management frameworks (e.g., NIST CSF, ISO 27005). EEO Statement
Hillwood is committed to providing Equal Opportunity in Employment, to all applicants and employees regardless of race, color, religion, gender, age, national origin, military status, veteran status, handicap, physical or mental disability, sexual orientation, gender identity, genetic information or any other characteristic protected by law. #CORP Additional Details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology
#J-18808-Ljbffr
Join to apply for the
IT Senior Analyst
role at
Hillwood . Hillwood, a Perot Company, is a premier real estate investment and development company founded on a culture of integrity, respect, excellence and teamwork. The company is a full-service real estate developer, investor and advisor focused on developing opportunities for investors, partners and communities around the world. See additional details at www.hillwood.com. Position Summary
Hillwood is seeking an experienced and strategic
Senior IT Audit and Compliance Analyst
to join our IT Security and Risk team in Dallas, TX. This role serves as a critical bridge between cybersecurity risk management and ITGC audit coordination, ensuring the organization maintains compliance with regulatory frameworks while proactively identifying and mitigating cyber risks. The Senior IT Audit and Compliance Analyst will lead efforts to streamline audit readiness, enhance control effectiveness, and support enterprise-wide risk initiatives. This position requires a strong understanding of IT governance, exceptional analytical and communication skills, and the ability to collaborate effectively with both technical teams and business stakeholders. As a key liaison with third-party auditors and internal leadership, the selected individual will play a vital role in safeguarding the organization’s operational integrity and regulatory posture. Responsibilities
Risk Management and Strategy: Assess and prioritize cybersecurity risks across critical business systems and processes. Risk Management and Strategy: Align cybersecurity risk management strategies with organizational goals and business objectives. Risk Management and Strategy: Evaluate the cost-effectiveness of security controls and recommend optimized risk mitigation strategies. Risk Management and Strategy: Explore and implement risk transfer mechanisms such as cybersecurity insurance. Risk Management and Strategy: Conduct security reviews and identify gaps in security architecture, recommending mitigation strategies. Risk Management and Strategy: Build and manage remediation plans for risks identified during assessments, audits, and inspections. Audit and Compliance Coordination: Collect, organize, and validate ITGC evidence across infrastructure and applications (e.g., Active Directory, SQL, JDE). Audit and Compliance Coordination: Prepare and manage audit evidence packages for internal and external audits. Audit and Compliance Coordination: Track audit timelines and ensure timely delivery of required documentation. Audit and Compliance Coordination: Maintain audit logs, control matrices, and centralized evidence repositories. Audit and Compliance Coordination: Coordinate with system owners and administrators to retrieve and verify access control data. Audit and Compliance Coordination: Serve as the primary point of contact for third-party auditors and internal stakeholders. Audit and Compliance Coordination: Review authorization and assurance documents to confirm acceptable risk levels for systems and applications. Audit and Compliance Coordination: Perform risk analysis when systems undergo major changes. Policy and Governance Support: Review internal cybersecurity policies and procedures annually to ensure alignment with regulatory standards. Policy and Governance Support: Ensure implementation and functionality of security requirements and IT policies consistent with organizational goals. Policy and Governance Support: Provide subject matter expertise to internal risk and compliance departments. Policy and Governance Support: Support third-party risk management efforts and ensure compliance with applicable regulations and policies. Required Skills and Abilities
Strong analytical and problem-solving skills with the ability to interpret audit findings and develop remediation strategies. Excellent organizational and communication skills, with the ability to manage multiple priorities. Ability to collaborate effectively with cross-functional teams including IT, HR, Finance, and Legal. Ability to communicate business risk and mitigation strategies to stakeholders. Understanding of access provisioning and deprovisioning workflows. Knowledge of regulatory frameworks and standards (e.g., SOX, NIST RMF, ISO 27000, COBIT). Education & Experience
Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity, or a related field. CISA, CRISC, CISSP, or CISM certifications are a plus. 5+ years of experience in IT audit, cybersecurity risk management, or enterprise risk management. Experience working with GRC platforms (e.g., ServiceNow IRM) and enterprise systems (e.g., Active Directory, SQL, JDE). Experience with regulatory compliance and risk management frameworks (e.g., NIST CSF, ISO 27005). EEO Statement
Hillwood is committed to providing Equal Opportunity in Employment, to all applicants and employees regardless of race, color, religion, gender, age, national origin, military status, veteran status, handicap, physical or mental disability, sexual orientation, gender identity, genetic information or any other characteristic protected by law. #CORP Additional Details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology
#J-18808-Ljbffr