More jobs:
Senior Analyst, GRC
Job in
Overland Park, Johnson County, Kansas, 66204, USA
Listed on 2026-06-23
Listing for:
Black & Veatch Corporation
Full Time, Part Time
position Listed on 2026-06-23
Job specializations:
-
IT/Tech
Cybersecurity, Data Security
Job Description & How to Apply Below
As an employee-owned company, our people are Black & Veatch. We put them at the center of everything we do and empower them to grow, explore new possibilities and use their diverse talents and perspectives to solve humanity's biggest challenges in an ever-evolving world. With over 100 years of innovation in sustainable infrastructure and our expertise in engineering, procurement, consulting and construction, together we are building a world of difference.
Company :
Black & Veatch Corporation
Req : 115500
Opportunity Type :
Staff
Relocation eligible :
No
Full time/Part time :
Full-Time
Project Only Hire :
No
Visa Sponsorship Available:
No
Why Black & Veatch?
Black & Veatch allows you to lend your talent and perspective to humanity's biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation, 401k match and benefits that start day one.
Our hybrid environment allows you to balance your work and personal life. At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use.
The Opportunity
The Sr. Analyst, Governance, Risk, and Compliance (GRC) plays an important role in the GRC delivery framework, ensuring Black & Veatch's compliance with contractual and regulatory requirements, assessing control design and operation against common standards and frameworks, and assisting with third-party/supply chain risk management. The candidate will also promote a culture of risk awareness across the enterprise among other responsibilities. With an emphasis on cyber, contract and regulatory compliance risk management, the ideal candidate should be able to contribute to measuring success and identifying improvement opportunities and capabilities development in these areas.
This role is ideal for a detail-oriented professional with a passion for cyber and compliance risk management who is comfortable operating independently. Independent and critical thinking is absolutely necessary to be successful in this role as is a desire to drive efficiencies in function delivery and day-to-day tasks.
Key Responsibilities
Contract Risk Management
* Proven experience reviewing client contract provisions related to data security, breach reporting, cyber resilience, and compliance certifications and measuring compliance in IT and security architecture and operations.
Regulatory Compliance Risk Management
* Support independent certification and audit by working with D&IT peer groups and lines of business to collect documentation and evidence of security policies and operations
* Request and review documentation and evidence from control owners to certify and validate compliance to standards and industry-accepted best practice
* Monitor regulatory and legal landscape at a global scale and across market sectors and maintain awareness of compliance requirements
IT Governance
* Act as an informed voice in development of policy and ensure alignment with regulatory, legal, and contractual requirements
* Assist establishment and enforcement of standards of practice documentation to be referenced by architecture and operations teams
* Contribute process and subject matter expertise in governance forums and cross-functional committees
Cyber Risk Management
* Support establishment, collection, and ongoing improvement of metrics to measure effectiveness of cyber risk management and provide data-driven insight to decision makers and control owners
* Collaborate with peer D&IT groups to collect KPI's, KRI's and drive efficiency through automation and other means
Supplier/Third Party Risk Management
* Contribute subject matter expertise through third party risk assessment process
* Identify and communicate risk of vendor engagements and mitigation actions to business owners and D&IT stakeholders
* Assist review of client security requirements in contracts and aggregate relevant clauses to inform contractual risk
Miscellaneous:
* Assist development of user training aligned with cyber threat landscape, establish and implement metrics, and propose enhancements
* Support internal audit
* Assist with security certification/attestations/audits to demonstrate control effectiveness to independent service auditors/assessors and C3
PAO's
* Assist in development of risk treatment plans and monitoring progress of actions.
* Collaborate with members of the GRC team to ensure timely and quality deliverables to internal and external customers
* Contribute subject matter expertise in review and response to internal and external sourced GRC related requests
Management Responsibilities
Individual Contributor
Preferred Qualifications
* 7-10 years of experience in GRC executing or auditing against standards, frameworks, and…
Position Requirements
10+ Years
work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×