Sr Analyst GRC Cybersecurity

NRECA is a unique national trade association providing advocacy, financial services, and business support services to over 900 consumer-owned electric cooperatives across the country. The Sr Analyst GRC Cybersecurity position leads key functions within Cybersecurity Governance, Risk, and Compliance, including cybersecurity risk identification, assessment, prioritization, and lifecycle governance, as well as compliance and issue management.

Requirements

• Advises IT and business units by leading activities to identify, assess, and prioritize cybersecurity risks
• Partners with risk and control owners to develop, implement, and maintain risk registers and metrics
• Manages compliance and issue management activities, coordinating with regulators and auditors to track and remediate issues
• Analyzes findings to identify vulnerabilities and opportunities to strengthen controls, governance, and mitigation
• Facilitates monthly security risk meetings to report activities, metrics, risks, and improvement opportunities
• Optimizes the risk governance framework based on best practices and guides IT and business stakeholders in implementing governance requirements
• Leads development of third-party risk management policies and standards and advises on the annual assessment plan
• Defines risk and control requirements for systems, data, and technology across cloud, on-premises, and third-party environments
• Maintains and continually develops expertise in GRC trends, technologies, and evolving methods to ensure organizational alignment with current practices

Benefits

• Generous Paid Time Off
• 401k Matching
• Retirement Plan
• Health insurance
• Paid vacation days
• Paid holidays