IT GRC Contract Analyst

NBCUniversal is one of the world's leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our global theme park destinations, consumer products, and experiences. We own and operate leading entertainment and news brands, including NBC, NBC News, NBC Sports, Telemundo, NBC Local Stations, Bravo, and Peacock, our premium ad-supported streaming service. We produce and distribute premier filmed entertainment and programming through our powerhouse film and television studios, including Universal Pictures, DreamWorks Animation, and Focus Features, and the four global television studios under the Universal Studio Group banner, and operate industry-leading theme parks and experiences around the world through Universal Destinations & Experiences, including Universal Orlando Resort, home to Universal Epic Universe, and Universal Studios Hollywood. NBCUniversal is a subsidiary of Comcast Corporation. Visit www.nbcuniversal.com for more information. Our impact is rooted in improving the communities where our employees, customers, and audiences live and work. We have a rich tradition of giving back and ensuring our employees have the opportunity to serve their communities. We champion an inclusive culture and strive to attract and develop a talented workforce to create and deliver a wide range of content reflecting our world.

Job Description

NBCUniversal is seeking an experienced Governance, Risk, and Compliance (GRC) Analyst to support various functions within the Security Assurance – Governance team. The ideal candidate will have a strong understanding of cybersecurity, vendor contracts, negotiation of third party security standards, and the ability support additional governance functions like 3rd Party Security Reviews. Responsibilities:

• Collaborate with business leadership, Legal, Procurement, and Cyber to review terms and conditions, ensuring vendor and client obligations are aligned with internal cyber controls
• Undertake research as needed when control or regulatory questions arise
• Track status of risk remediations in the risk register with business stakeholders
• Monitor completeness and sustainability of remediation efforts
• Educate and raise awareness on risks and controls
• Contribute to overall program enhancements and drive automation with various IT and Cybersecurity stakeholders
• Contribute to enterprise IT Risk and Control awareness efforts
• Maintain deep understanding of organization wide objectives, interactions, issues and risks
• Stay abreast of current and emerging information risks, including current or proposed cyber legislation or control frameworks
• Perform other related duties and special projects, as assigned, to support evolving GRC and cybersecurity program needs

Qualifications

Requirements:

• Bachelor's degree or equivalent experience.
• Minimum of 2 years of experience in IT Governance, Risk or Compliance functions
• Knowledge of IT Risk Frameworks such as NIST, ISO, CSA, PCI, etc.
• Knowledge of contracting lifecycle
• Ability to work independently and in cross functional teams
• Strong analytic skills for problem analysis and resolution
• Experience in process management systems like Jira, Azure DevBoards, ServiceNow
• Experience with the MS office suite – Excel, PowerPoint, Word etc
• Strong written/verbal communication and organizational skills

Desired Characteristics:

• Ability to prioritize activities based on business criticality, audits, threats, vulnerabilities, and regulatory requirements.
• Experience supporting enterprise-wide technology initiatives and creating a risk-aware culture.
• Ability to understand the big picture by aligning activities to business objectives and partnering with other IT GRC functions to align strategies and enterprise priorities.
• Industry certifications such as CRISC or CISA are a plus.

Additional Requirements:

• Fully Remote:

This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee’s residence. This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks. Learn more about the benefits offered by NBCUniversal by visiting the Benefits page of the Careers website. Salary range: $65,000 - $85,000 Additional Information Apply tot his job Apply To this Job