×
Register Here to Apply for Jobs or Post Jobs. X

Information Security Analyst; GRC & Operations

Job in Las Vegas, Clark County, Nevada, 89105, USA
Listing for: WHSmith
Full Time position
Listed on 2026-07-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 62000 - 80000 USD Yearly USD 62000.00 80000.00 YEAR
Job Description & How to Apply Below
Position: Information Security Analyst (GRC & Operations)

Information Security Analyst (GRC & Operations) - (SSC - 9090.1)

Location:

Support Center - Las Vegas, NV 89119 US (Primary)

Job Type: Full-time

Category:
Information Technology

Responsibilities
  • Secure the organization's systems and information assets by applying cybersecurity best practices and protecting against unauthorized access, modification, or destruction.
  • Partner with end users and department leaders to identify security needs and embed appropriate controls across business units.
  • Deploy, integrate, and configure new and existing security solutions in line with standard operating procedures.
  • Serve as a Tier 1 responder for cybersecurity alerts and remediations — triage, contain, escalate, document, and investigate problematic or anomalous activity.
  • Support vulnerability assessments and penetration testing and coordinate timely remediation of identified weaknesses.
  • Administer periodic access reviews to enforce least privilege.
  • Support the global cybersecurity compliance program, maintaining alignment with frameworks such as NIST CSF, CIS Controls, ISO 27001, and PCI DSS.
  • Perform continuous control assessments, document evidence, identify gaps, and report findings to key stakeholders.
  • Maintain the risk register, control catalog, and support policies, standards, and procedures; assist with internal/external audits, third-party risk reviews, and ongoing monitoring.
  • Deliver corporate cybersecurity training — new-hire onboarding, annual refreshers, role-based training, and phishing simulations.
  • Manage training and awareness metrics (completion rates, click/report rates, repeat offenders, behavioral trends), report results to leadership, and coordinate remedial training with HR, IT, and managers.
  • Foster a culture of security consciousness across the organization.

Compensation: $62,000 - 80,000

Benefits
  • Excellent Medical, Dental & Vision Insurance, Life Insurance, Short & Long-Term Disability Insurance
  • Competitive Compensation
  • Exceptional Time-Off Benefits including FTO and Holidays
  • Growth opportunities and opportunities for career development
  • 401k with company match
  • Employee Assistance Program
  • Incredible Employee Discounts through our Discount Marketplace!
EEO/ADA/DFWP

WHSmith North America is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sexual orientation, national origin/ancestry, age, gender identity, gender expression, military/veteran status, marital status, disability status or any other basis prohibited by law.

Qualifications
  • Education: Bachelor of Science in Cybersecurity or a related field, or equivalent hands‑on experience.
  • Experience: 1–2 years of experience or internships in cybersecurity, IT, or GRC — or a strong academic background with relevant projects, certifications, or lab work.
  • Frameworks & standards: Foundational understanding of common cybersecurity frameworks such as NIST CSF, CIS Controls, ISO 27001, or PCI DSS, and an interest in growing into continuous control assessments and compliance work.
  • Security operations & EDR: Exposure to endpoint security or EDR tooling and a basic understanding of alert triage, escalation, and incident documentation; willingness to learn Tier 1 response workflows.
  • Vulnerability & access management: Familiarity with vulnerability scanning concepts, remediation tracking, user access reviews, and least‑privilege principles.
  • Risk, policy & audit: Awareness of risk management and policy concepts, with an interest in supporting control assessments, evidence collection, and audit activities.
  • Security awareness & training: Interest in helping build and deliver cybersecurity awareness content (onboarding, annual, phishing simulations) and tracking basic training and phishing metrics.
  • Communication: Clear written and verbal communication skills, with the ability to explain technical topics to non‑technical coworkers.
  • People & soft skills: Approachable, collaborative, and customer‑service oriented — comfortable working across departments, building trusted relationships, and engaging users with patience and empathy (especially when coaching on phishing, training, or access topics). Strong teamwork, active listening, and a positive, professional demeanor.
  • Mindset: Curious, detail‑oriented, and eager to learn — comfortable asking questions and growing into broader security and GRC responsibilities.
Additional Requirements
  • Limited standing, walking, climbing, crouching, bending, pushing, or pulling
  • Limited travel or overnight
  • Occasional travel or overnight
  • Frequent travel or overnight; including international
  • Normal or corrected vision and hearing
  • Can distinguish varying or specific colors, patterns, or materials
  • Fluency in English is required for training, customer interactions, and ensuring compliance with company policies and procedures
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary