Disabled Vets

Equifax, Inc.

Regulatory Compliance Analyst - Intermediate (Finance)



This role is responsible for project management and business analysis for our EFX Controls program. You will work directly to help operationalize the controls and to coordinate, track, monitor, and facilitate activities that drive compliance with policy for technical requirements. You will provide guidance to individual teams on implementing controls as required, and assist in creating clear documentation that enables teams to execute and prioritize activities. You will also establish key metrics and develop and produce reporting on the progress of EFX control adoption and compliance.

Equifax has a hybrid work schedule that allows for 2 days of remote work (Monday and Friday), with 3 days onsite (Tuesday, Wednesday, Thursday) every week.

This role reports to our office in Alpharetta, Georgia.

This position does not offer immigration sponsorship (current or future) including F-1 STEM OPT extension support.

This is a direct-hire role and is not open to C2C or vendors.

What you'll do

  • Strategic Partnership: Advising on compliant business practices, encompassing product launch and development to ensure all activities adhere to legal and internal business requirements.
  • Regulatory Interpretation: Interpreting compliance requirements and advising on their implementation.
  • Policy Management: Developing, maintaining, and updating internal policies and procedures to reflect compliance changes and business needs.
  • Risk Assessment: Identifying, assessing, and mitigating compliance risks across business operations.
  • Awareness & Role-Specific Training: Conducting general awareness sessions and training tailored to specific roles and compliance risks as required.
  • Compliance Monitoring: Performing end-to-end monitoring to detect and address potential non-compliance.
  • Incident Response & Remediation: Establishing protocols for investigating and resolving compliance incidents and implementing corrective actions.

What experience you need
  • 2+ years of direct experience in an IT/Security Compliance, Technology Governance, IT Risk Management, or Governance, Risk, and Compliance (GRC) role within a regulated industry (e.g., financial services, healthcare, fintech).
  • Proven ability to interpret complex technical and security regulations and frameworks (e.g., NIST CSF, ISO 27001, PCI DSS, SOX ITGCs, GDPR/CCPA technical requirements) and translate them into actionable IT controls.
  • 2+ years of hands-on experience developing, implementing, and managing IT-specific policies and procedures (e.g., Information Security Policy, Change Management Procedure).
  • Practical experience conducting IT risk assessments and control evaluations.
  • Experience designing or executing technology compliance monitoring programs, including evidence collection and control testing.
  • Experience leading or supporting incident response and remediation.
  • Ability to explain control design and operating effectiveness to internal and external auditors.

What can set you apart
  • Relevant IT/Security Certifications: CISA, CISM, CRISC, CISSP.
  • Direct experience with specific regulatory frameworks or critical technology (e.g., FedRAMP, SOC 2, NIST, ISO).
  • Proficiency with GRC tools (e.g., Archer, ServiceNow GRC) or IT asset/vulnerability management platforms.
  • Experience with AI governance frameworks, identifying relevant AI governance tools, or automating compliance processes using AI/ML technologies.
  • Ability to automate compliance checks or reporting using scripting (e.g., Python, PowerShell).
  • Experience in DevSecOps environments or integrating security and compliance into agile development.
  • Prior technical role experience (e.g., Network Engineer, System Administrator, Security Engineer).
  • Undergraduate or Master's degree in Cybersecurity, Information Systems, or a related technical discipline.


© 2025 Disabled Vets