Lead Business Systems Compliance Analyst

About CoStar Group 
CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. As part of the S&P 500 Index and NASDAQ 100, CoStar is committed to digitizing the world’s real estate—empowering our customers through data, insights, and connections that improve their businesses and lives. 

For over 35 years, we’ve built the standard for real estate information and online marketplaces through continuous innovation and operational excellence. We provide our team members with the tools, knowledge, and support to succeed in a fast-paced, results-driven environment. 

Role Summary 

The Senior Business Systems Compliance Analyst is a hands-on role responsible for executing compliance-related activities for CoStar’s Global Financial Business Systems. This position will be directly accountable for managing and performing key compliance tasks, including SOX and SOC 1 control activities, user access reviews, audit support, and documentation for Oracle ERP and related systems. 

This position reports to the Senior Manager of Financial Systems within the Finance organization and serves as a subject matter expert in financial systems compliance, access governance, and audit support. 

Key Responsibilities 

Compliance Execution 

• Perform and document quarterly User Access Reviews (UARs) for in-scope financial systems. 

• Execute walkthroughs, evidence collection, and remediation tracking for SOX and ITGC audits. 

• Perform regular user access and segregation of duties (SoD) reviews to maintain compliance. 

• Conduct control testing, issue tracking, and ensure timely resolution of deficiencies. 

• Maintain clear and auditable documentation for all access requests, approvals, and changes. 

• Assess SOC 1 and SOC 2 reports from third-party vendors and evaluate control effectiveness. 

Audit Support 

• Serve as the primary point of contact for IT compliance matters related to Oracle ERP and supporting systems. 

• Partner with internal and external auditors during audits and support ad hoc audit inquiries. 

• Maintain audit-ready documentation and evidence to support audit procedures. 

System Governance & Change Control 

• Assess the compliance impact of Oracle quarterly updates and enhancements to financial systems. 

• Support the development and documentation of new controls in coordination with system changes. 

• Participate in UAT and change management processes to ensure compliance requirements are met. 

Incident and Access Management 

• Manage service requests and incidents through JIRA, focusing on user provisioning, deprovisioning, and compliance-related issues. 

• Support incident resolution related to security roles, user profiles, and access configurations. 

• Maintain knowledge base and standard operating procedures for compliance-related support tasks. 

Stakeholder Collaboration 

• Partner with internal and external auditors, IT security, and business process owners to support compliance readiness and mitigate risk. 

• Collaborate with the Projects Team to evaluate new features, enhancements, and implementations for compliance alignment. 

• Work directly with the Director of Compliance to ensure execution of enterprise-level audit readiness, ITGC testing, and policy adherence. 

• Provide compliance-related training and guidance to business users and system administrators. 

• Communicate status updates and risk findings clearly to management and stakeholders. 

Basic Qualifications 

• Bachelor’s degree from an accredited institution in information systems, computer science, finance, accounting, or a related field. 

• A track record of commitment to prior employers.

• 6+ years of progressive experience in IT compliance, IT audit, or business systems support. 

• Strong, hands-on experience with enterprise business systems (preferably Oracle Cloud Financials). 

• In-depth knowledge of SOX controls, ITGCs, access management, and audit processes. 

• Working experience supporting compliance in a fast-paced, global enterprise. 

• Proficiency in GRC tools, JIRA, and documentation platforms. 

• Strong documentation, analytical, and communication skills. 

Preferred Qualifications 

• Experience working in or with Big 4 accounting or auditing firms on compliance/audit projects. 

• 2+ years of direct experience reviewing SOC 1 reports, including control assessments and vendor risk evaluation. 

• Participation in an Oracle ERP implementation project or supporting a large-scale ERP environment. 

• Working knowledge of recognized cybersecurity frameworks, such as NIST 800-53, ISO/IEC 27001, or CIS Controls, with ability to map framework requirements to enterprise financial systems. 

• Certification(s) such as CISA, CIA, CPA, or ITIL Foundation strongly preferred. 

• Experience supporting a user base of 500+ across global financial systems. 

Why Join CoStar Group? 

At CoStar, we value innovation, integrity, and collaboration. You’ll be part of a forward-thinking team that prioritizes audit readiness, regulatory compliance, and operational excellence. Our benefits include: 

• Competitive salary and performance-based incentives 

• Comprehensive medical, dental, vision, and prescription coverage 

• 401(K) with company match and Employee Stock Purchase Plan 

• Tuition reimbursement and ongoing professional development 

• Mental health and wellness resources 

• On-site and/or reimbursed fitness center access 

• Free gourmet coffee, fresh fruit, and healthy snacks 

If you’re a highly motivated compliance professional with a passion for systems and control integrity—and you thrive in a hands-on role—we want to hear from you.