Triumph Group *Position Title: Analyst, IT Audit & Compliance *Position Type: Full-Time *Compensation: Salaried *Start Date: ASAP *Location: Berwyn, PA (Greater Philadelphia)

*Job Requirements *Job Description The IT Audit & Compliance Analyst will serve as subject matter expert and is responsible for assisting the Director of IT Compliance in assessing, developing, implementing, maintaining and monitoring Triumph’s IT compliance programs by providing guidance, support, analysis and reports to IT management based on internal and external compliance requirements such as SOX, FEDRAMP, DFARS, ITARS, GDPR, CMMC, etc. This role will also heavily engage with IT management, staff, and departments outside Triumph’s IT department, as well as Internal Audit and external auditors, in continuously identifying gaps, feasible resolutions and improvements to control weaknesses and opportunities in support of Triumph’s internal controls over financial reporting.

Job Responsibilities include:

• Engage with IT management, staff, and teams outside Triumph’s IT department, as well as Internal Audit, and external auditors, to identify feasible resolutions to control weaknesses and opportunities for improvement. • Apply knowledge of operating systems, application development, change management, operations, networking and telecommunications, databases, business continuity, disaster recovery, physical and logical security to develop and assist in implementation and enforcement of security compliance policies and procedures, to reduce technical risk and increase operational efficiency. • Utilize automated tools and services to support the security compliance program in analysis and accurately documenting work performed to support findings, conclusions reached, and recommendations made. • Periodically monitor activities of audited area(s), control self-assessments, following- up to ensure continued compliance with applicable internal policies, procedures, and external regulations, including monthly, quarterly, and annual account and activity reviews where applicable. • Drive audit finding recommendations to increase compliance and accountability among all partner and customer groups. • Strive to create efficiencies within the IT Compliance Department by streamlining processes and audits. • Complete ad hoc assignments, projects, and audits. • Periodically and during audit peak season, work extended hours past 5pm. • Maintain proficient knowledge of applicable compliance statutes, audit regulations and interpretations.

* Skills & • At least 3 years of experience in IT Risk and Compliance audits, IT Assurance, Qualifications: Internal Audit, another SOX controls related field or related IT audit work in public accounting. • Work experience in administering and/or testing windows and/or Linux servers, Active Directory structures, Oracle or SQL databases, SAP and/or VMware environments.

ISACA Philadelphia is not responsible for the content or accuracy of this job posting. Template Version 1.1: 02/21/07 Page 1 of 2 • An understanding of PCAOB guidance on generally accepted practices for testing SOX IT General Controls, Business Process Controls, Key Reports, and Application Controls a plus. • Exceptional client service and communication skills. Strong technical aptitude and problem-solving skills, excellent analytical, communication (written and verbal) and interpersonal skills. • Effective project and time management skills for handling multiple priorities and simultaneous projects. • Enthusiasm to learn through a combination of structured, on-the-job, and self-directed training. • Ability to work efficiently and effectively in a complex and decentralized IT environment. • Strong computer skills including proficiency in Microsoft Office suite applications. • Must possess competence to understand and manage work/project obstacles and complexities, including work/project scope, key players, urgency, inherent risks, and business benefits. • Ability to work additional hours and/or travel as needed. Education: Bachelor's degree in Accounting, Finance, Information Technology, MIS, or related field. A Master's degree is a plus. Certification(s): Desire to pursue CPA, CISA, CISSP, CIA or CISM license/certification. Travel: 25%

*Contact Information Job Reference: *Contact Name: Kathleen Mercaldo (HR/Talent) – please do not post ([email protected]) Email Address: www.triumphgroup.com Telephone: Fax: Website: https://careers.triumphgroup.com/job/Arlington-Analyst%2C-Security-&-Compliance-TX- 76011/694114900/ Company Triumph Group designs, engineers, manufactures, repairs and overhauls a broad portfolio Information: of aviation and industrial components, accessories, subassemblies, systems, and aircraft structures. We partner with original equipment manufacturers (OEMs) and operators of commercial, regional, business and military aircraft worldwide, to provide products and services that solve their hardest problems. So, whatever the part, component or complexity of assembly, Triumph Group is committed to quality, service and meeting the specialized needs of each customer. Special Please apply via our careers page. Thank you. Instructions:

ISACA Philadelphia is not responsible for the content or accuracy of this job posting. Template Version 1.1: 02/21/07 Page 2 of 2