IT GRC Analyst (Cyber Contract Management)
Full-time
Location: 30 Rockefeller Plaza, New York, NEW YORK
Salary: USD65,000 - USD85,000 per year
Company: NBCUniversal
Job Description
Governance, Risk, and Compliance (GRC) Analyst to support various functions within the Security Assurance – Governance team. The ideal candidate will have a strong understanding of cybersecurity, vendor contracts, and negotiation of third-party security standards, and the ability to support additional governance functions like 3rd Party Security Reviews.
Responsibilities:
- Collaborate with business leadership, Legal, Procurement, and Cyber to review terms and conditions, ensuring vendor and client obligations are aligned with internal cyber controls
- Undertake research as needed when control or regulatory questions arise
- Track status of risk remediations in the risk register with business stakeholders
- Monitor completeness and sustainability of remediation efforts
- Educate and raise awareness on risks and controls
- Contribute to overall program enhancements and drive automation with various IT and Cybersecurity stakeholders
- Contribute to enterprise IT Risk and Control awareness efforts
- Maintain deep understanding of organization wide objectives, interactions, issues and risks
- Stay abreast of current and emerging information risks, including current or proposed cyber legislation or control frameworks
- Perform other related duties and special projects, as assigned, to support evolving GRC and cybersecurity program needs
Qualifications
Requirements:
- Bachelor's degree or equivalent experience
- Minimum of 2 years of experience in IT Governance, Risk or Compliance functions
- Knowledge of IT Risk Frameworks such as NIST, ISO, CSA, PCI, etc.
- Knowledge of contracting lifecycle
- Ability to work independently and in cross functional teams
- Strong analytic skills for problem analysis and resolution
- Experience in process management systems like Jira, Azure DevBoards, ServiceNow
- Experience with the MS Office suite – Excel, PowerPoint, Word, etc.
- Strong written/verbal communication and organizational skills
Desired Characteristics:
- Ability to prioritize activities based on business criticality, audits, threats, vulnerabilities, and regulatory requirements
- Experience supporting enterprise-wide technology initiatives and creating a risk-aware culture
- Ability to understand the big picture by aligning activities to business objectives and partnering with other IT GRC functions to align strategies and enterprise priorities
- Industry certifications such as CRISC or CISA are a plus
Additional Requirements:
Fully Remote: This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee’s residence
Salary range: $65,000 - $85,000