Business Analyst Specialist

Client: Energy

Role: Business Analyst Specialist

Duration: 12 months plus very likely extension.

Location: Calgary (Hybrid)

Our Energy sector client is seeking a Business Analyst to join their team in Calgary, Alberta (hybrid).

Technical Skills • IT General Controls (ITGCs) – Understanding of access management, change management, backup & recovery, and system operations. • SOX Compliance Frameworks – Knowledge of COSO, COBIT, NIST, and ISO 27001 as they relate to IT controls. • Risk Management – Ability to identify, assess, and mitigate IT-related financial reporting risks. • Audit Methodologies – Familiarity with internal audits, external audits, and compliance assessments. • Identity & Access Management (IAM) – Expertise in user access reviews (UARs), role-based access control (RBAC), and privileged access management (PAM). • Change Management & IT Operations – Understanding of how IT system changes impact SOX compliance. • Data Analytics & Reporting – Ability to analyze control effectiveness using Excel, Power BI, SQL, or GRC tools. Analytical & Problem-Solving Skills • Control Design & Evaluation – Ability to assess IT control effectiveness and identify deficiencies. • Critical Thinking – Ability to analyze complex IT environments and detect control gaps. • Issue Remediation & Root Cause Analysis – Ability to recommend and validate corrective actions. • Process Improvement – Experience in automating or optimizing SOX IT compliance processes. Compliance & Regulatory Knowledge • Sarbanes-Oxley Act (SOX 404) – In-depth understanding of IT compliance requirements for financial reporting. • Financial System Controls – Familiarity with ERP systems like SAP and Workday. • Third-Party Risk Management – Knowledge of vendor compliance (SOC 1, SOC 2 reports). • Cybersecurity Best Practices – Awareness of security controls that impact SOX compliance. Soft Skills • Communication & Documentation – Ability to explain IT audit findings to non-technical stakeholders and maintain clear compliance documentation. • Collaboration & Cross-Functional Coordination – Work effectively with IT, Finance, Security, and Internal Audit teams. • Attention to Detail – Ensure accuracy in audit reports, testing results, and documentation. • Project Management – Ability to manage SOX testing timelines, evidence collection, and remediation follow-ups. Tools & Technologies • GRC Platforms: ServiceNow GRC, AuditBoard, RSA Archer, ZenGRC • Audit & Analytics: Excel (pivot tables, VLOOKUP), SQL, Power BI • ERP & Financial Systems: SAP and Workday, • Identity & Access Management (IAM): SailPoint, Okta, Bonus Skills for Career Growth • CISA, CIA, or CRISC Certifications – Validates expertise in IT audits & risk management. • Cloud Compliance Knowledge (AWS, Azure, GCP) – Increasingly important for IT SOX audits. • AI & Automation in Compliance – Experience with RPA (e.g., UiPath, Automation Anywhere) for audit automation.