GRC Analyst Lead

Required Education: Bachelors Degree in Computer Science Information Technology or related discipline AND:

• 7 years of experience in governance risk and compliance (GRC) cybersecurity information assurance or related field

Equivalency/Substitution: Experience or a combination of education & related experience can be considered in lieu of degree. A one-to-one ratio is used to determine the number of years of experience required in place of a degree.

Skills:

• Ability to perform effectively in high-pressure fast-paced environments.
• In-depth understanding of cybersecurity frameworks and standards
• Strong verbal and written communication skills with the ability to convey complex information clearly to both technical and non-technical audiences.
• Excellent interpersonal and mentoring skills with the ability to teach and guide others.
• Familiarity with regulatory and compliance requirements
• Understanding of network and system architecture including common security configurations and vulnerabilities
• Strong analytical and problem-solving skills for identifying security risks and evaluating mitigation strategies
• Skilled in using risk assessment and compliance tools vulnerability scanners and GRC platforms.
• Ability to effectively interpret and apply security policies procedures and technical standards
• Ability to assess technical environments for compliance with security and privacy requirements
• Ability to maintain confidentiality and handle sensitive information with discretion
• Ability to adapt to changing technologies threats and regulatory landscapes
• Ability to lead and train junior level staff

Certifications: None

Working Conditions:

• Requires extended periods of sitting working at a computer and using a phone.
• Requires sound judgment under pressure and the ability to manage multiple competing priorities effectively.
• Office Work Environment.
• Occasional evenings weekend or on-call availability during critical incidents or high-severity events

Supervision: Yes

Why You Belong at the University of Oklahoma:The University of Oklahoma values our communitys unique talents perspectives and experiences. At OU we aspire to harness our innovation creativity and collaboration for the advancement of people everywhere. You Belong Here!

Equal Employment Opportunity Statement:The University in compliance with all applicable federal and state laws and regulations does not discriminate on the basis of race color national origin sex sexual orientation marital status genetic information gender identity/expression (consistent with applicable law) age (40 or older) religion disability political beliefs or status as a veteran in any of its policies practices or procedures. This includes but is not limited to admissions employment housing financial aid and educational services.

OU Information Technology is searching for a Lead GRC Analyst who will be responsible for ensuring the organizations information systems and processes align with established cybersecurity privacy and regulatory standards. This role conducts in-depth security consultations and risk assessments to evaluate the effectiveness of security controls identify vulnerabilities and recommend mitigation strategies.

Why OU

In addition to a job that gives fulfillment and your salary you will also have access to a generous benefits package that includes:

• 14 holidays each year and 18 22 hours of earned PTO per month.
• Insurance plans for you and your family.
• Retirement options that require no contributions from the employee.
• And much more! For a list of OUs benefits click here!
  

Duties:

• Develop and maintain IT security policies strategies and governance documentation including required TEA content to ensure organizational compliance with applicable laws regulations and standards.
• Analyze data from multiple sources to provide actionable insights on cybersecurity and privacy risks trends and opportunities for improvement.
• Evaluate technology programs and components for compliance with published security and privacy standards; recommend and oversee corrective actions.
• Anticipate and respond to changes in cybersecurity policy regulations technology and staffing requirements to maintain organizational readiness.
• Lead and coordinate defined security programs ensuring overall success alignment with organizational priorities and effective communication with stakeholders.
• Provide guidance direction and mentorship to security analysts at all levels ensuring consistent application of policies procedures and best practices across the team.

• Performs other duties as assigned

  **The position will be located on the OKC campus with a hybrid work model option for experienced candidates.**