IT Governance, Risk and Compliance Analyst 1

Join Maverik’s Growing IT Team as an IT GRC Analyst
At Maverik, we're building a new, high-visibility governance, risk, and compliance (GRC) program to support our IT strategies and business goals.

As an IT GRC Analyst, you’ll play a key role in developing, implementing, and enhancing our IT governance frameworks, policies, and processes.

This is an exciting opportunity to collaborate with IT leadership and work on impactful projects that contribute directly to the organization’s success.

If you're ready to make a difference and grow in a dynamic environment, we’d love to hear from you!

Essential Duties and Responsibilities:


* Governance: Assist with developing, implementing, and enhancing IT governance frameworks, policies, and activities to align IT strategies with business goals, ensuring optimal efficiency and effectiveness, including business impact analyses and change management process. 


* Risk Management: Assist with risk assessments, identifying potential risks, evaluating their impact, and developing strategies to mitigate and monitor them effectively.


* Compliance: Perform activities to validate the organization’s compliance with relevant laws, regulations, industry standards or frameworks, and internal policies, staying current with changes in compliance requirements.

This includes coordinating, tracking, and verifying remediation of any gaps or findings.


* Security Awareness: Promote compliance with regulatory requirements, industry frameworks, internal Information Security policies, and IT best practices.

Qualifications: Education


* Bachelor’s degree in information security, cybersecurity, information systems, business administration, or related field preferred


* Certifications preferred: CompTIA Security+, CompTIA Network+, CISA, CRISC, CIA

Qualification: Experience



* 2+ years working in IT governance, audit, risk management, compliance, or GRC role preferred 


* 1+ years working in information technology, cybersecurity or related technical experience preferred 

Qualifications:  Team Member Competencies


* Demonstrate basic knowledge of commonly used concepts, principles, and practices of Information Security such as access control, network concepts, operating system security, vulnerability management, email security, and endpoint protection.


* Demonstrate basic understanding of common security and privacy frameworks and regulation, and IT general controls.


* Familiarity with risk management practices, and risk-based thinking to drive prioritization.


* Basic understanding of audit processes and requirements is desirable.


* Ability to maintain the strictest confidentiality.


* Interest in obtaining security or risk management certifications, with a willingness to pursue them.


* Ability to learn and adapt quickly to new technologies in a general sense.


* Able to work with minimal supervision, self-motivated, and organized.
...