Senior Analyst, Digital Security

Waste Management is seeking a Senior Analyst, Digital Security in Houston, TX, to support governance, risk, and compliance frameworks in IT. The role involves collaborating with IT and business teams to manage risks, utilizing GRC Compliance tools, providing training on IT security and compliance, and supporting audits. The position requires staying updated on regulatory changes and best practices to enhance the organization's compliance posture.
WM is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law.

WM, a Fortune 250 company, is the leading provider of comprehensive waste and environmental services in North America. We are strongly committed to a foundation of operating excellence, professionalism and financial strength. WM serves nearly 25 million customers in residential, commercial, industrial and municipal markets throughout North America through a network of collection operations, transfer stations, landfills, recycling facilities and waste-based energy production projects.

I. Job Summary
Play a key role in supporting the development, implementation, and maintenance of governance, risk, and compliance frameworks across the IT landscape. The Senior Analyst Digital/IT Compliance will report directly to the Senior Manager Digital/IT Compliance and work closely with cross-functional teams to ensure IT operations align with both internal policies and external regulatory requirements, while proactively identifying risks and implementing mitigation strategies for compliance.

II. Essential Duties and Responsibilities

To perform this job successfully, an individual must be able to perform each duty satisfactorily. Other ancillary duties may be assigned.

Engage Across the Business: Partner with IT and business teams to identify and centrally manage emerging and existing risks associated with IT application security, identity and access management, configuration and data governance and overall enterprise policy adherence

Evolve Our Capabilities: Leverage leading practice GRC Compliance tools (such as OneTrust, Sailpoint, Oracle Risk Cloud, Monday.com, AuditBoard, and SAP GRC) to enable effective and sustainable risk prevention or risk mitigation compliance strategies

Lead the business adoption and maintenance of GRC Compliance tools and analytics to monitor and report on compliance with IT security policies, regulatory requirements, and industry standards.

Empower Our People: Provide training and awareness programs on IT security, risk management, and compliance topics for employees across the organization and build a culture of proactive compliance maturity.

Support internal and external audits by providing necessary documentation and evidence of compliance with relevant laws and regulations (eg. SOX, PCI DSS, ERCOT, PII, CCPA, EPA)

Enable Business Strategies: Stay up-to-date on changes in regulations, best practices, and emerging technologies that could impact the organization's IT governance and compliance posture

Engage Across the Business: Partner with IT and business teams to identify and centrally manage emerging and existing risks associated with IT application security, identity and access management, configuration and data governance and overall enterprise policy adherence

Evolve Our Capabilities: Leverage leading practice GRC Compliance tools (such as OneTrust, Sailpoint, Oracle Risk Cloud, Monday.com, AuditBoard, and SAP GRC) to enable effective and sustainable risk prevention or risk mitigation compliance strategies

Lead the business adoption and maintenance of GRC Compliance tools and analytics to monitor and report on compliance with IT security policies, regulatory requirements, and industry standards.

III. Qualifications

The requirements listed below are representative of the qualifications necessary to perform the job.

A. Education and Experience
• Education: Bachelor's degree (accredited) in Computer Science, MIS, Business Administration or similar area of study, or in lieu of degree, High School Diploma or GED (accredited) and 4 years or relevant work experience.
• Experience: At least five years of experience in IT compliance with responsibilities involving interpretation of regulatory requirements (eg. SOX, PCI DSS, ERCOT, PII, CCPA, EPA etc.) and demonstrated success in translating them into actionable and sustainable compliance strategies preferred.

B. Certificates, Licenses, Registrations or Other Requirements
• Certified Information Systems Security Professional (CISSP) preferred
• Certified Information Systems Auditor (CISA) preferred
• Certified Information Security Manager (CISM) preferred
• Other professional certifications desired include: CPA, CCSP, CRISC, CC ISO 27001, CWSP, GIAC.
• Other vendor certifications desired include: CCNA, CCNP, CCSP, MSCE

C. Other Knowledge, Skills or Abilities Required
Technical understanding of Oracle ERP systems, Processes, Configurations, & System Functionality Familiarity with Best Practice Oracle Application Security Role Design Concepts, as well as STRIDE LM, SABSA Experience with Segregation of Duties and Sensitive Access Rulesets, and ERP Configuration Change Management Controls and Policies Experience with Hands-On Compliance Tools such as OneTrust, Sailpoint, Oracle Risk Cloud, Monday.com, AuditBoard, SAP GRC, VikingCloud, SAI 360 Competency in Analytical Tools or Languages such as PowerBI, Tableau, Alteryx and familiarity with Data Governance controls in backend database platforms such as Snowflake and S/4 HANA Knowledge of cloud environments and their associated risks (AWS, Azure, Google Cloud, etc.). Familiarity with Best Practice Oracle Application Security Role Design Concepts Prioritizes accountability, ownership, and proactive communication Critical thinking and analytical skills with ability to both identify risks and propose solutions. Strong attention to detail, organizational skills, and ability to build/follow process flows and maps Ability to "build a coalition" and work collaboratively with cross-functional teams

IV. Work Environment
Listed below are key points regarding environmental demands and work environment of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.

Normal setting for this job is: office setting.

Benefits
At WM, each eligible employee receives a competitive total compensation package including Medical, Dental, Vision, Life Insurance and Short Term Disability. As well as a Stock Purchase Plan, Company match on 401K, and more! Our employees also receive Paid Vacation, Holidays, and Personal Days. Please note that benefits may vary by site.

If this sounds like the opportunity that you have been looking for, please click "Apply".
ABOUT WM WM (WM.com) is North America's largest comprehensive waste management environmental solutions provider. Previously known as Waste Management and based in Houston, Texas, WM is driven by commitments to put people first and achieve success with integrity. The company, through its subsidiaries, provides collection, recycling and disposal services to millions of residential, commercial, industrial and municipal customers throughout the U.S. and Canada. With innovative infrastructure and capabilities in recycling, organics and renewable energy, WM provides environmental solutions to and collaborates with its customers in helping them achieve their sustainability goals. WM has the largest disposal network and collection fleet in North America, is the largest recycler of post-consumer materials and is the leader in beneficial reuse of landfill gas, with a growing network of renewable natural gas plants and the most gas-to-electricity plants in North America. WM's fleet includes nearly 11,000 natural gas trucks - the largest heavy-duty natural gas truck fleet of its kind in North America - where more than half are fueled by renewable natural gas. To learn more about WM and the company's sustainability progress and solutions, visit Sustainability.WM.com.

Equal Employment Opportunity

For United States: WM is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law.

For Canada: WM is committed to the principle of equal employment for all applicants and employees, without discrimination on the basis of all grounds protected by applicable human rights legislation. Accommodations are available on request for candidates taking part in all aspects of the selection process. Please notify us if you require accommodation.

Real ID

In order to travel by air or access federal property, federal law requires individuals have a REAL ID or an acceptable alternative. This position may require the successful candidate to travel by air for business reasons, or service federal property. Accordingly, successful candidates must have, or be willing to obtain, a REAL ID, or TSA approved alternative.