
Governance Risk and Compliance Analyst

Job in Chandler, Maricopa County, Arizona, 85249, USA
Listing for: Universal Technical Institute, Inc.
Full Time position
Listed on 2026-03-05
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, Data Security
Salary/Wage Range or Industry Benchmark: 87000 - 105000 USD Yearly
Job Description & How to Apply Below

Overview

The Governance Risk and Compliance Analyst oversees third‑party and internal risk assessments to support enterprise information security and governance, risk, and compliance (GRC) initiatives. This position manages vendor due diligence, maintains an accurate risk register, partners with internal stakeholders on mitigation strategies, and drives continuous improvement of the risk and compliance framework.

Pay Range

$87,000 - $105,000

What We Offer
  • Tuition Waiver:
    Enjoy a tuition waiver after 6 months of employment for you AND your immediate family offered at UTI and Concorde campuses
  • Paid Time Off:
    Competitive paid time off programs for employees (Vacation, Sick, Flexible)
  • Retirement Matching: 50% match on the first 6% of your contributions after 90 days
  • Paid Parental Leave: 4 weeks of paid leave for both birthing and non‑birthing parents to bond with a new baby
  • Competitive Insurance:
    Health, vision, and dental coverage for you and your dependents
  • Pet Insurance:
    Competitive coverage for your furry family members through ASPCA
  • Health Plan Enrollment:
    Eligibility starts on the first of the month following completion of one full month of employment
Responsibilities
  • Execute comprehensive risk assessments aligned with the organization’s risk management framework to identify, evaluate, and prioritize potential threats
    • Support the third‑party onboarding process by assessing business criticality and evaluating the security posture of prospective vendors and partners
    • Conduct periodic due diligence reviews of existing third‑party relationships based on risk tiering, ensuring ongoing compliance and risk mitigation
    • Collaborate with risk owners to develop, implement, and monitor mitigation strategies, while tracking progress and ensuring timely remediation
  • Maintain and continuously update the third‑party inventory, ensuring accurate records of vendors, partners, and regulatory entities
  • Contribute to the enhancement of the organization’s risk management and compliance programs by supporting the development and refinement of policies, processes, and controls
    • Stay informed on evolving risk and compliance standards, frameworks, and best practices, and recommend integration of relevant updates into internal processes
    • Manage and maintain the enterprise risk register, ensuring timely updates and tracking of risk review cycles and deadlines
    • Lead risk assessments required as part of regulatory and industry compliance efforts such as PCI DSS and GLBA
  • Assist in the development and reporting of key performance indicators (KPIs) and metrics to measure the effectiveness of GRC initiatives
  • Support risk committee operations by preparing meeting materials, capturing minutes, and coordinating stakeholder updates
  • Evaluate policy exception requests in collaboration with Information Security team members, ensuring appropriate risk considerations are addressed
  • Drive process improvement and innovation by identifying opportunities to streamline workflows and automate manual tasks
  • Provide support across a range of GRC functions including security control testing, audit readiness, documentation of procedures, and compliance assessments
  • Other duties as assigned
Qualifications
Education & Experience
  • HS Diploma or GED (required)
  • Bachelor’s degree in Information Security, Computer Science, or another relevant field (preferred)
  • Minimum of four (4) years of experience in governance, risk management, compliance or another relevant field (required)
  • Experience conducting internal and external risk assessments, including those aligned with regulatory requirements such as GLBA and PCI (required)
  • Experience developing and tracking metrics and KPIs to evaluate risk and compliance performance (preferred)
  • Experience using GRC tools to streamline processes and improve efficiency; implementation experience (preferred)
  • Experience using Compyl for GRC activities (preferred)
Skills
  • Strong understanding of common security controls and alignment to key regulations and standards such as NIST, FERPA, GLBA, HIPAA, PCI, and SOX (required)
  • Strong understanding of risk management principles and common frameworks
  • Knowledge of cloud-based security tools and controls (e.g. Azure, O365, AWS)
  • Skilled…