Analysis Skills, Communication Skills, Community and Social Services, Computer Science, Computer Security, Environmental Compliance, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Interpersonal Skills, Mentoring, Multitasking, Network Architecture/Engineering, Network Systems, Operations Research, Presentation/Verbal Skills, Privacy Controls, Privacy Regulations, Problem Solving Skills, Regulations, Regulatory Compliance, Risk, Risk Analysis, Risk Management, Security Analysis, Security Compliance, Security Consulting, System Architecture, Technical Analysis, Technical Research, Training/Teaching, Vulnerability Scanners, Writing Skills
GRC Analyst Intermediate
- 493218
- Norman
- Technology/Research
- Information Technology
- S10
Add to favorites View favorites
Pay Range: Targeted salary $70,000, depending on education and experience.
Benefits Eligible: Yes
Work Schedule: Monday - Friday, 8:00 a.m. to 5:00 p.m.
Travel: Not required
For Best Consideration Date: 08/10/2026
Position Introduction:
Join OU Information Technology and be part of a team that advances the University of Oklahoma's purpose: We Change Lives. Our work supports student success, research innovation, operational excellence, and meaningful service to our university community. If you are driven to solve complex problems, strengthen critical systems, and use technology to create lasting impact across One OU, we invite you to bring your talent, curiosity, and commitment to a team where your work matters...
The GRC Security Analyst is responsible for ensuring the organization''s information systems and processes align with established cybersecurity, privacy, and regulatory standards. This role conducts in-depth security consultations and risk assessments to evaluate the effectiveness of security controls, identify vulnerabilities, and recommend mitigation strategies.
View full job description.
Required Education and Experience:
- Bachelor''s Degree in Computer Science, Information Technology, or related discipline
- 3 years of experience in governance, risk, and compliance (GRC), cybersecurity, information assurance or related field
Equivalency/Substitution: Experience or a combination of education & related experience can be considered in lieu of degree. A one-to-one ratio is used to determine the number of years of experience required in place of a degree.
Required Certifications and Licenses:
None
Department Preferences:
- Ability to perform effectively in high-pressure, fast-paced environments.
- In-depth understanding of cybersecurity frameworks and standards.
- Strong verbal and written communication skills, with the ability to convey complex information clearly to both technical and non-technical audiences.
- Excellent interpersonal and mentoring skills, with the ability to teach and guide others.
- Familiarity with regulatory and compliance requirements.
- Understanding of network and system architecture, including common security configurations and vulnerabilities.
- Strong analytical and problem-solving skills for identifying security risks and evaluating mitigation strategies.
- Skilled in using risk assessment and compliance tools, vulnerability scanners, and GRC platforms.
Ability to effectively interpret and apply security policies, procedures, and technical standards.
- Ability to assess technical environments for compliance with security and privacy requirements.
- Ability to maintain confidentiality and handle sensitive information with discretion.
- Ability to adapt to changing technologies, threats, and regulatory landscapes.
- Extended periods of sitting, working at a computer, and using a phone.
- Requires sound judgment under pressure and the ability to manage multiple competing priorities effectively.
- Occasional evening, weekend, or on-call availability during critical incidents or high-severity events.
Hiring Contingent Upon a Background Check: Yes