IT GRC Analyst (Cyber Contract Management)
About the position
NBCUniversal is seeking an experienced Governance, Risk, and Compliance (GRC) Analyst to support various functions within the Security Assurance - Governance team. The ideal candidate will have a strong understanding of cybersecurity, vendor contracts, negotiation of third-party security standards, and the ability to support additional governance functions like 3rd Party Security Reviews.
Responsibilities
⢠Collaborate with business leadership, Legal, Procurement, and Cyber to review terms and conditions, ensuring vendor and client obligations are aligned with internal cyber controls
⢠Undertake research as needed when control or regulatory questions arise
⢠Track status of risk remediations in the risk register with business stakeholders
⢠Monitor completeness and sustainability of remediation efforts
⢠Educate and raise awareness on risks and controls
⢠Contribute to overall program enhancements and drive automation with various IT and Cybersecurity stakeholders
⢠Contribute to enterprise IT Risk and Control awareness efforts
⢠Maintain deep understanding of organization wide objectives, interactions, issues and risks
⢠Stay abreast of current and emerging information risks, including current or proposed cyber legislation or control frameworks
⢠Perform other related duties and special projects, as assigned, to support evolving GRC and cybersecurity program needs
Requirements
⢠Bachelor's degree or equivalent experience.
⢠Minimum of 2 years of experience in IT Governance, Risk or Compliance functions
⢠Knowledge of IT Risk Frameworks such as NIST, ISO, CSA, PCI, etc.
⢠Knowledge of contracting lifecycle
⢠Ability to work independently and in cross functional teams
⢠Strong analytic skills for problem analysis and resolution
⢠Experience in process management systems like Jira, Azure DevBoards, ServiceNow
⢠Experience with the MS office suite ā Excel, PowerPoint, Word etc
⢠Strong written/verbal communication and organizational skills
Nice-to-haves
⢠Ability to prioritize activities based on business criticality, audits, threats, vulnerabilities, and regulatory requirements.
⢠Experience supporting enterprise-wide technology initiatives and creating a risk-aware culture.
⢠Ability to understand the big picture by aligning activities to business objectives and partnering with other IT GRC functions to align strategies and enterprise priorities.
⢠Industry certifications such as CRISC or CISA are a plus.
Benefits
⢠This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks.