AlohaRecruiter Since 2001
the smart solution for Aloha jobs

IT Audit & Compliance Analyst

Company: Marcus & Millichap
Location: Portland
Posted on: April 1, 2026

Job Description:

We are seeking a mid-level IT Audit & Compliance Analyst to join our IT organization at a publicly traded company. This role supports SOX compliance, SOC 2 reporting, and IT risk management, and works closely with Internal Audit, Finance, and Cybersecurity teams to ensure strong technology controls and regulatory compliance. This position is ideal for someone with a solid foundation in IT controls and audits who wants to deepen their experience across SOX, SOC 2, and cybersecurity governance. Key Responsibilities SOX & IT Controls Perform and support SOX IT General Controls (ITGC) testing, including: User access management Change management System operations and backups Assist with walkthroughs, risk assessments, and control documentation Track and support remediation of control deficiencies Partner with Internal Audit and external auditors during SOX audits SOC 2 & Third-Party Assurance Support SOC 2 Type I and Type II readiness and ongoing compliance Maintain control narratives, evidence, and audit artifacts Coordinate with IT, Engineering, and Security teams to ensure controls are operating effectively Assist in responding to customer and vendor security questionnaires Cybersecurity & Risk Collaboration Work with the Cybersecurity team on: Security policies and standards Risk assessments and control alignment (NIST, ISO, etc.) Incident response and access reviews (governance perspective) Help bridge compliance requirements with security operations Documentation & Continuous Improvement Maintain IT policies, procedures, and control documentation Identify opportunities to improve control design, automation, and audit efficiency Stay current on regulatory and industry best practices Required Qualificatons 3–6 years of experience in IT audit, IT compliance, or technology risk Hands-on experience with SOX ITGCs Exposure to SOC 1 and/or SOC 2 audits Understanding of core IT processes (access, change, SDLC, infrastructure) Strong documentation and communication skills Preferred Qualfications Experience in a public company environment Familiarity with cybersecurity frameworks (NIST, ISO 27001, CIS) Experience working with external auditors or Big 4 firms Certifications or progress toward: CISA - Required CISM CRISC CISSP (a plus, not required) What We Offer Exposure to SOX, SOC 2, and cybersecurity governance Career growth toward Senior IT Auditor, GRC Manager, or Cyber Risk roles Cross-functional work with IT, Security, Finance, and Audit teams Competitive compensation and benefits Why This Role Is Attractive (unspoken but real) Not “pure audit” — includes security and risk exposure Public company experience (very marketable) Clear path into senior IT audit, GRC, or cyber risk LI-CT1 We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Keywords: Marcus & Millichap, Aloha , IT Audit & Compliance Analyst, IT / Software / Systems , Portland, Oregon


Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Forgot password?

Get the latest Oregon jobs by following @recnetOR on Twitter!

Aloha RSS job feeds