Governance Risk and Compliance Analyst (GRC Analyst)
- Full-time
Company Description
When you join Turnitin, you'll be welcomed into a company that is a recognized innovator in the global education space. For more than 20 years, Turnitin has partnered with educational institutions to promote honesty, consistency, and fairness across all subject areas and assessment types. Over 16,000 academic institutions, publishers, and corporations use our services: Gradescope by Turnitin, iThenticate, Turnitin Feedback Studio, Turnitin Originality, Turnitin Similarity, ExamSoft, Ouriginal and ProctorExam.
Turnitin has offices in Australia, India, Indonesia, Germany, Japan, Korea, Mexico, the Netherlands, the Philippines, Sweden, Ukraine, the United Kingdom, and the United States. Our diverse community of colleagues are all unified by a shared desire to make a difference in education. Come join us, and let's make change together.
Job Description
We are looking for someone who brings governance, risk and compliance experience, attention to detail and the willingness to continuously learn. This role reports into the Sr. Director of Security and Compliance and will be a core member of the compliance team at the global leader in education technology.
As a GRC Analyst, you will be a key member of the GRC team tasked with administering cybersecurity programs supporting compliance, security, privacy and customer driven obligations.
- Evaluate risk management controls related to SOC 2 and NIST 800-53
- Contribute to the establishment of Turnitin solutions as StateRAMP authorized products
- Engage with customers and internal stakeholders to ensure contractual obligations around security and privacy are properly communicated
- Perform risk assessments and support associated risk management activities.
- Review and document IT Security policies, procedures, processes, programs, and practices to guide toward continuous compliance with industry laws, regulations, and frameworks.
- Promote and monitor our cybersecurity education and training programs.
Qualifications
Basic Qualifications
Minimum 4 years of experience in information security
Background in:
Security Risk and Compliance
Risk assessments to ensure compliance with corporate security policies, regulatory requirements, and adherence to best practices.
Formal security controls, assessment, and testing programs.
Working with customer security teams
Vendor Risk Management.
- Capable of prioritizing and managing assignments, tasks, and projects to completion with minimal supervision.
- Ability to maintain a detail-oriented approach while multitasking in a fast-paced environment.
- Must embody a passion for learning to continually improve themselves and those around them
- Incredibly organized, self-starting individual capable of driving deliverables through to completion
Preferred Qualifications
- BS degree and/or experience in IT compliance, IT security, IT audit or related role.
- Professional Certification such as CISSP, CISA, CRISC, or other relevant industry certification.
- Experience with FedRAMP and/or StateRAMP authorization process
- Experience with SOC 2 audits
- Familiarity with NIST 800-53 standard
- Reviewing and negotiating data security issues in customer facing engagements.
- Strong technical, analytical, and problem-solving skills.
- Strong technical writing skills.
- Experience creating written policies and procedures related to IT Security.
- Experience conducting periodic internal security reviews or risk assessments to ensure that compliance procedures and technical configurations are followed.
- Provide guidance on compliance with global data security laws, regulations, industry standards, self-regulatory requirements, and best practices applicable to the aerospace industry.
- Ability to interface with all levels within the organization and provide input to facilitate decisions.
Additional Information
Our Mission is to ensure the integrity of global education and meaningfully improve learning outcomes.
Our Values underpin everything we do.
- Customer-Centric - We realize our mission to ensure integrity and improve learning outcomes by putting educators and learners at the center of everything we do.
- Passion for Learning - We seek out teammates that are constantly learning and growing and build a workplace that enables them to do so.
- Integrity - We believe integrity is the heartbeat of Turnitin. It shapes our products, the way we treat each other, and how we work with our customers and vendors.
- Action & Ownership - We have a bias toward action and empower teammates to make decisions.
- One Team - We strive to break down silos, collaborate effectively, and celebrate each other’s successes.
- Global Mindset - We respect local cultures and embrace diversity. We think globally and act locally to maximize our impact on education.
Seeing Beyond the Job Ad
At Turnitin, we recognize it’s unrealistic for candidates to fulfill 100% of the criteria in a job ad. We encourage you to apply if you meet the majority of the requirements because we know that skills evolve over time. If you’re willing to learn and evolve alongside us, join our team!
Turnitin, LLC is committed to the policy that all persons have equal access to its programs, facilities and employment. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.