Associate IT GRC Analyst

I. Job Summary

The IT GRC Associate role supports governance risk and compliance (GRC) activities for Digital and helps contribute to the overall Technology Risk program. The position focuses on learning core risk and security practices and keeping up with modern emerging technology trends while assisting with day-to-day execution and improvement efforts.

Key responsibilities include supporting the maintenance and update of Digital policies assisting with risk register updates helping coordinate security awareness training activities and promoting the use of compliance and automation tools. The role works closely with internal stakeholders to support strong security and risk controls across Digital initiatives.

This position also provides hands-on experience by assisting with testing configuring and improving cybersecurity tools while learning new technologies and processes to help deliver Digital initiatives. The role is ideal for someone eager to build foundational skills in technology risk security and compliance within a collaborative environment.

II. Essential Duties and Responsibilities

• IT Risk Management: Support the identification assessment and tracking of cybersecurity technology and data risks by gathering information maintaining documentation and assisting with mitigation activities. Stay informed about changes in regulations security best practices emerging technologies and company initiatives (including M&A activity) that may impact the organizations IT governance risk and compliance posture
• Continuous Monitoring: Support the implementation and adoption of continuous monitoring technologies and tools by assisting with configuration documentation testing and user enablement activities. Help track usage and effectiveness of controls and contribute towards automating processes and generating efficiencies
• Policy Governance: Support the creation and maintenance of policies and standards by assisting with documentation updates stakeholder reviews and version management. Help coordinate and support company wide implementation and adoption efforts
• Compliance Management: Prepare draft compliance reports and dashboards detailing findings mitigation progress and expected timelines log issues and actively track remediation actions to closure. Assist with documenting management risk acceptance decisions in accordance with established processes and templates.
• Security and Awareness Training: Execute and support cybersecurity awareness activities by running phishing simulations coordinating security training communications assisting with awareness campaigns and collecting results. Analyze participation and performance metrics and help prepare reports that demonstrate training effectiveness to leadership.
  

III. Qualifications

A. Required Qualifications

• Bachelors Degree in Computer Science MIS or similar area of study.
• 4 years of related experience may substitute for the Bachelors degree.

B. Preferred Qualifications

• 1-2 years of previous experience preferred

• 1-2 years of experience in IT compliance with responsibilities involving interpretation of regulatory requirements (eg. SOX PCI DSS ERCOT PII CCPA EPA etc.) and demonstrated success in translating them into actionable and sustainable compliance strategies. Recent exposure to Agentic AI tools and related governance strategies strongly preferred.

  C. Additional Knowledge Skills and Abilities preferred

• Experience in the areas of change control problem management incident management troubleshooting security solutions
• Technical understanding and awareness to security best practices to be implemented for modern systems such as Oracle ERP AWS and other agentic/AI/ML solutions
• Familiarity/prior exposure to agentic AI tools and willingness to learn other tools
• Strong verbal and written communication skills to work with cross-functional teams.
  
• IV. Physical Requirements
  
  Listed below are key points regarding physical demands physical and occupational risks and the work environment of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions of the job.
• Repetitive Motions
• Eye/Hand/Foot Coordination
• Sitting
• Talking
• Hearing

Office: This job primarily operates in a professional office environment and routinely requires the use of standard office equipment such as computers phones copy machines etc.

V. Benefits
At WM each eligible employee receives a competitive total compensation package including Medical Dental Vision Life Insurance and Short Term Disability. As well as a Stock Purchase Plan Company match on 401K and more! Our employees also receive Paid Vacation Holidays and Personal Days. Please note that benefits may vary by site.

If this sounds like the opportunity that you have been looking for please click Apply.