×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

IT GRC Analyst

Job in Omaha, Douglas County, Nebraska, 68197, USA
Listing for: North End Teleservices LLC
Full Time position
Listed on 2025-12-17
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below

Job Summary

The North End Teleservices GRC Analyst optimizes the organization's cybersecurity posture via governance, risk, and compliance (GRC) activities. The position ensures that the organization operates within regulatory requirements, manages risks effectively, and follows internal governance policies while analyzing, auditing, and managing systems and processes intended to align the organization with cybersecurity standards such as NIST and other similar frameworks as mandated by the business.

The role is a hands‑on function that performs work related to controls and objectives while establishing and enforcing company policies, security frameworks, and best practices that align with business goals and industry standards. It also includes the identification, assessment, and mitigation of risks related to cybersecurity, data protection, and operational processes.

Key Responsibilities
  • Development, alignment, maintenance, and regular audit of policies related to cyber security and risk including:
    • Information Security Policy (annual review)
    • Business Continuity Plan (annual review)
    • Disaster Recovery Plan (annual review)
    • Incident Response Plan (annual review)
    • Risk Management Program (annual review)
    • Acceptable Use Policies (annual review)
    • Removeable Media Policy (annual review)
    • Technology Control Plan (annual review)
    • Security Awareness and Training Policy (annual review)
    • Media Marking and Handling Policy (annual review)
    • AI Policy (annual review)
    • Other policies as assigned
  • Development, alignment, maintenance, and audit of procedures that impact cyber security controls including:
    • Access Control Procedure
    • Operational Change Management Procedure
    • Network Access Management Procedure
    • Log Management Procedure
    • Other procedures as assigned
  • Management, execution and follow‑up related to recurring functions as assigned including:
    • Security Awareness Training campaigns (quarterly)
    • Vulnerability Assessments reviews (monthly)
    • Log Management procedures (weekly)
    • Risk Register meetings (quarterly)
    • Tabletop exercises (annually)
    • Active network user audits (monthly)
    • Approved application audits (annually)
    • Review of employee cybersecurity training/acknowledgement program (annually)
    • Public-facing Resources Audit (annually)
    • Security Controls Assessment (annually)
    • User Access Review (annually)
    • Power continuity review (annually)
    • All aspects of Risk Management Program (as needed)
    • Other functions as assigned (as needed)
  • Execution of ad hoc cybersecurity tasks as needed:
    • Routine maintenance of policies and procedures in line with business changes
    • Response to cybersecurity incidents, related logging, forensics, and action
    • Review of CISA alerts and associated Risk Register updates
    • Cybersecurity projects as assigned
    • Cybersecurity partnership management and optimization
    • Operational Change Management review discussions and form completion as needed
    • Periodic cybersecurity training for team members
    • Meetings and related follow‑up
    • Cybersecurity support for customer inquiries and sales opportunities
    • Other tasks as assigned
  • Management of certain platform software and documentation as assigned including:
    • Security Awareness Training Platform
    • Password Vault Platform
    • Section 508 Accessibility Platform
    • Other platforms as assigned
    • Governance, Risk, and Compliance documentation

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Technical Skills
  • Knowledge of Security Frameworks & Regulations - Understanding of ISO 27001, NIST 800-X, CMMC, SOC 2, HIPAA, PCI DSS, and GDPR.
  • Risk Management - Ability to conduct risk assessments, identify vulnerabilities, and implement mitigation strategies.
  • Compliance Auditing - Experience with internal/external audits, compliance reporting, and policy documentation.
  • GRC Tools & Platforms - Familiarity with cyber security tools related to functions such as security awareness training, log management, vulnerability assessment and other functions.
  • Security & IT Fundamentals - Understanding of cybersecurity principles, cloud security (AWS, Azure, GCP),…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search