IT Security - GRC Analyst (NFWS)

Come Grow With UsGrand Canyon Education (GCE) is a rapidly growing educational service company that has long been an industry leader in providing educational, operational and technological support services to the post-secondary education sector. Formerly part of Grand Canyon University (GCU), GCE still works closely with GCU to benefit thousands of students, families and the local inner-city community. We put people first, drive innovation, and do good in the community that we live and work in.Grand Canyon Education is seeking a Governance, Risk and Compliance Analyst (GRC). This Information Security Analyst - GRC is a hybrid business and technical position within the Information Security Office requiring knowledge of information security controls and procedures, regulations, legal requirements and applicable compliance frameworks. This position is responsible for ensuring compliance, providing governance support for adhering to security and compliance standards and quantifying risk levels from aggregate security and compliance concerns.Please Note, this is a Hybrid Arizona position and will require you be in the office an average of 1 time per week. Please also note that remote work is only permitted within 30 miles of GCU Campus for Student Worker positions.ResponsibilitiesEnsure compliance with applicable standards, such as SOX, PCI DSS, HIPAA, FERPA, CCPA, GDPR, etc. – leading the audit, evidence collection and reporting processes. Maintain internal policies, standards and security baselines, oriented toward compliance and regulatory standards – as well as, enforcement of secure practices. Manage risk acceptance and policy exception processes, ingesting risks and creating tracking, reporting and accountability mechanisms. Perform vendor and product risk assessments, to align vendors and products with applicable standards, policies and security baselines. Assist Legal with the review and response to Consumer Privacy Requests.Assist with the approval and management of cloud application access requests along with any additional application access requests submitted via the approved change management platform.Other duties as assigned.QualificationsSpecific compliance or regulatory certifications are a huge plus but not required. Previous experience in GRC, security or other technology roles – with solid foundation in documentation, meeting facilitation and risk reporting is a plus. Ability to find required answers to compliance / risk questions using existing security tools, typically starting from the SEIM and moving into OSINT as needed.A strong curiosity, sense of focus and willingness to perform deep research and analysis to find and resolve issues that relate to audits / findings. Team player with demonstrated ability to work without guidance.Strong written and oral communication skills.Provide a positive example to students by supporting the University’s Doctrinal Statement, Ethical Position Statement and Mission of Grand Canyon University.Experience/EducationGrand Canyon University is committed to a student first policy. Therefore, all applicants must meet the following eligibility requirements to be considered for student employment:Enrolled at GCU as a full-time student in a Bachelor’s program or Master’s program.Retain a 2.0 GPA as a Bachelor level student or a 3.0 GPA as a Master level student.Maintain good financial and academic (SAP) standing with the University.You may be subject to termination if you fall below the minimum requirements.Pay Rate: Minimum WageAnticipated End Date: June 30, 2026