Governance, Risk & Compliance Analyst

Governance, Risk & Compliance Analyst University of Nebraska System - 4.2 Lincoln, NE Job Details Full-time From $71,800 a year 15 hours ago Benefits Paid holidays Retirement plan Qualifications Vulnerability scanning implementation Security risk assessment investigation NIST standards Regulatory Frameworks (Architecture security) Research regulatory compliance Educational compliance and regulation understanding RMF Security Testing Vuls Full Job Description Job Description Job Summary: The Governance, Risk, and Compliance Analyst (GRC Analyst) will serve as a key member of the Research IT team at the University of Nebraska. The GRC Analyst for Research is responsible for the assessment and documentation of the University's compliance and risk posture as they relate to its Research information assets. The person in this position will focus on collaboration, review, and compliance with regulatory standards by campus research entities. The regulatory standards include, but are not limited to, NIST 800-171, CMMC, and DFARS. Responsible for developing and maintaining cybersecurity control documentation and complying with cybersecurity standards. This position will uphold the ITS core principles of outstanding collaboration and communication, a drive to succeed, a passion for higher learning, and acting with integrity. Additional Info About Us: University of Nebraska employees enjoy a flexible benefits program allowing you to customize your benefits to suit your personal needs; paid vacation and sick leave in addition to 13 paid holidays; access to career-advancing educational programs, including and employee and dependent tuition benefit applicable at any of the NU campuses; and immediate vesting pre-tax retirement benefits. Required Qualifications: Bachelor's degree 3 years experience in Information Technology or with risk management frameworks and compliance practices Knowledge of NIST standards and other applicable research compliance frameworks Demonstrated ability to interpret and implement standards, guidelines, compliance frameworks and best practices Experience performing risk assessments Equivalent combination of education and experience, that provides the required knowledge, skills, and abilities may be considered. (SR GRC Level) Bachelor's degree 5 years' experience in information technology preferably in IT security Demonstrated knowledge of NIST standards and other applicable research compliance frameworks Knowledge of securing network technologies, client, and server operating systems Ability to develop security standards and guidelines based on security compliance frameworks and best practices Experience using security tools (vulnerability scanners, intrusion prevention systems, firewalls, VPN's, data loss prevention, etc.) Equivalent combination of education and experience, that provides the required knowledge, skills, and abilities may be considered. Preferred Qualifications: Master's degree Information security and compliance related training or certifications such as CISSP or CRISC Understanding of information security standards and regulatory regulations related to higher education (FERPA, PCI, HIPAA) Experience within a higher education environment Experience using security tools (vulnerability scanners, intrusion prevention systems, firewalls, VPN's, data loss prevention, etc.) Knowledge of securing network technologies, client, and server operating systems (SR GRC Level) Master's degree Experience performing information security audits or risk assessments Experience with security audit or assessment processes Information security related training or certifications such as CISSP or CRISC Experience within a higher education environment Additional Information: The ideal candidate is an agile professional with strong interpersonal communication skills, flexibility and responsiveness; exhibits high ethical standards; proficient in managing time and competing priorities; responsive and committed to supporting University staff; committed to the ideals of a major public research university. Special Instructions: Please note: Sponsorship will not be offered for this position. This position is not eligible for an alternative worksite arrangement and is categorized as on-site. Once a candidate is hired into this role, hybrid work arrangements (defined by NU ITS as a minimum of three days per week on NU Campus and up to two days per week remote) may be available for candidatses who successfully meet minimum performance criteria during the initial probationary employment period. Position title and salary will be determined based on education and experience of candidate. Information at a Glance Req Id: 2305 Campus Name: University of Nebraska System (UNOP) Org Unit: Information Technology Services UNCA Job Location: Lincoln, NE 68588 Application Review Date: 6/15/26 Open Until Filled: Yes Advertised Salary: Minimum of $71,800 Job Type: Full-Time Worksite Eligibility: Hybrid Benefits Eligible: Yes