GRC Analyst

University of OklahomaNorman, OK
Onsite

About The Position

Join OU Information Technology and be part of a team that advances the University of Oklahoma's purpose: We Change Lives. Our work supports student success, research innovation, operational excellence, and meaningful service to our university community. If you are driven to solve complex problems, strengthen critical systems, and use technology to create lasting impact across One OU, we invite you to bring your talent, curiosity, and commitment to a team where your work matters. The GRC Analyst is responsible for ensuring the organization's information systems and processes align with established cybersecurity, privacy, and regulatory standards. This role conducts in-depth security consultations and risk assessments to evaluate the effectiveness of security controls, identify vulnerabilities, and recommend mitigation strategies.

Requirements

  • Bachelor's Degree in Computer Science, Information Technology, or related field.
  • Experience or a combination of education & related experience can be considered in lieu of degree. A one-to-one ratio is used to determine the number of years of experience required in place of a degree.
  • None

Nice To Haves

  • Ability to perform effectively in high-pressure, fast-paced environments.
  • In-depth understanding of cybersecurity frameworks and standards
  • Strong verbal and written communication skills, with the ability to convey complex information clearly to both technical and non-technical audiences.
  • Excellent interpersonal and mentoring skills, with the ability to teach and guide others.
  • Familiarity with regulatory and compliance requirements
  • Understanding of network and system architecture, including common security configurations and vulnerabilities
  • Strong analytical and problem-solving skills for identifying security risks and evaluating mitigation strategies
  • Skilled in using risk assessment and compliance tools, vulnerability scanners, and GRC platforms.
  • Ability to effectively interpret and apply security policies, procedures, and technical standards
  • Ability to assess technical environments for compliance with security and privacy requirements
  • Ability to maintain confidentiality and handle sensitive information with discretion
  • Ability to adapt to changing technologies, threats, and regulatory landscapes

Responsibilities

  • Conducts security consultations to evaluate the effectiveness of security controls, identify risks, and recommend mitigation strategies.
  • Manages the security exception process by documenting, reviewing, and verifying deviations from established security postures.
  • Supports organizational compliance with cybersecurity, privacy, and data protection requirements.
  • Performs and prepares risk assessments for software, networks, systems, and third-party vendors.
  • Coordinates and produces records in response to Open Records requests.
  • Evaluates new and existing services for compliance with security, privacy, and regulatory obligations.
  • Assess systems and networks for configuration compliance, policy alignment, and potential security gaps.
  • Performs independent assessments of management, operational, and technical controls to determine overall effectiveness.
  • Collects, preserves, and documents digital evidence in support of investigations and preservation holds.
  • Performs other duties as assigned

Benefits

  • Benefits Eligible: Yes
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service