IT Risk & Compliance Analytics Analyst Sr

Stericycle is a U.S. based business-to-business services company and leading provider of compliance-based solutions that protects people and brands, promotes health and well-being, and safeguards the environment. Since our founding over 30 years ago, we have grown from a small start-up in medical waste management into a leader across a range of increasingly complex and highly regulated arenas, serving healthcare organizations and commercial businesses of every size. Every day, we help our customers solve complex challenges by safely managing materials that could otherwise spread disease, contaminate the environment, or compromise one's identity.

Join us on our mission to protect health and well-being in a safe, responsible, and sustainable way.

The Senior IT Risk & Compliance Analytics Analyst will take a leadership role in supporting and enhancing the centralized User Access Review (UAR) process. This individual will leverage their expertise in data analytics, compliance, and risk management to drive continuous improvement in access review activities across multiple applications and systems. The Senior Analyst will serve as a key advisor to the Manager, IT Risk & Compliance, and will work closely with cross-functional teams to ensure data integrity, compliance, and security in access governance. This role will play a crucial part in identifying compliance gaps, managing remediation efforts, and mentoring junior team members. This position is a 100% work from home opportunity without travel. The starting pay is $95,000 or higher.

• Lead the execution of the end-to-end centralized User Access Reviews, including data preparation, ETL (Extract, Transform, Load) processes, monitoring review progress, post-access removal validation, and risk assessment.
• Develop and enhance processes and methodologies for UAR execution to improve efficiency, accuracy, and scalability of access reviews.
• Collaborate with cross-functional teams to define business requirements, implement applications in UAR tools, and ensure compliance with access provisioning and security standards.
• Conduct advanced risk assessments, identifying potential risks, weaknesses, and compliance issues in user access controls. Lead efforts to track and remediate access compliance gaps in a timely manner.
• Design and optimize ETL workflows and data transformation processes to ensure data completeness, accuracy, and reliability within UAR tools.
• Serve as a subject matter expert (SME) in data analytics for cybersecurity, risk management, and digital access governance, applying best practices and innovative solutions.
• Troubleshoot and resolve complex data issues, including tracing data flows and validating transformation logic.
• Utilize advanced SQL queries and data analysis techniques to monitor and validate access data quality.
• Lead the development and maintenance of standard operating procedures, documentation, and best practices for the UAR process.
• Mentor and provide guidance to junior analysts, fostering their professional development and analytical skills.
• Provide regular reports and presentations to management, offering actionable insights on UAR process performance, risks, and improvement opportunities.

• Bachelor's degree in Business Analytics, Information Systems, Data Science, or a related field. Master's degree preferred.
• 5+ years of experience in data analytics, risk management, IT audit, or a related field, with a focus on access management and compliance.
• Strong understanding of auditing standards, risk assessment, and access control frameworks (e.g., SOX, ISO 27001, NIST).
• Demonstrated experience in leading or managing large-scale data review or compliance projects.
• Advanced problem-solving and critical-thinking skills with a track record of generating creative solutions to complex data challenges.
• Strong business acumen with the ability to align technical solutions with organizational goals.
• Excellent communication skills, including the ability to present complex data and insights to non-technical stakeholders.
• Proven ability to manage competing priorities, deliver high-quality results under pressure, and drive continuous improvement initiatives.
• Experience with mentoring or supervising junior team members and promoting a collaborative team environment.

Technical Skills:

• Advanced proficiency in tools such as SailPoint IdentityIQ, Alteryx, Informatica, Talend, or MS SSIS.
• Advanced knowledge of SQL, data modeling, and database management concepts.
• Proficiency in programming/scripting languages such as Python, R, or Scala.
• Strong expertise in data visualization tools (e.g., Tableau, Power BI, Qlik Sense, or Looker).
• Experience with data transformation techniques and ensuring data integrity across complex workflows.
• Advanced Excel skills, including complex functions (e.g., INDEX-MATCH, array formulas) and automation using macros/VBA.
• Familiarity with access control systems, identity governance tools (e.g., SailPoint), and cybersecurity risk management concepts.
• Strong proficiency with Microsoft Office Suite (Word, PowerPoint, Excel).

Competencies:

• Strategic Thinking: Ability to anticipate risks, understand emerging trends, and propose forward-thinking solutions.
• Leadership: Demonstrates the ability to inspire and guide others towards achieving goals. Builds strong relationships across teams and promotes a culture of accountability and excellence.
• Attention to Detail: Maintains a high level of accuracy and thoroughness in data analysis and reporting.
• Communication: Clearly articulates ideas and complex data findings. Listens actively and responds effectively to stakeholder needs.
• Adaptability: Thrives in a dynamic environment, quickly adapting to changing priorities and challenges.
• Ethical Integrity: Upholds confidentiality and adheres to the highest ethical standards in data governance and risk management.

Stericycle currently offers its employees the option to participate in a full range of benefits, including a health care program which includes medical, dental, vision and prescription coverage, healthcare and dependent care flexible spending accounts, life and accidental death and dismemberment insurance, an employee assistance program, tuition reimbursement, paid vacation and sick time, a 401(k) plan, and an employee stock purchase plan. Participation in some programs requires that employees be regularly scheduled to work a minimum number of hours and/or to have fulfilled a waiting period after they begin employment with Stericycle.

Stericycle is committed to attracting and retaining a diverse workforce, and to valuing unique perspectives and identities. We foster a culture of belonging that encourages, supports, and celebrates the diverse voices of our team members. It fuels our innovation and strengthens our connection to our customers and the communities we serve. We are proud to be an equal opportunity employer. All employment is decided on the basis of qualifications, merit, and business need.

The above description is meant to provide a summary of the nature and level of work being performed; it should not be construed as an exhaustive list of all responsibilities, duties and requirements of the job. This document does not create an employment contract, implied or otherwise, and it does not constitute any right or guarantee of employment condition. This position is open to people with disabilities. Stericycle will consider requests for workplace accommodations for protected physical or mental limitations in accordance with its human resources and risks prevention policies and local laws. To the extent permissible under local law, and consistent with business necessity, Stericycle reserves the right to modify the content formally or informally, either verbally or in writing, at any time with or without advance notice.