Senior IT GRC Analyst

Job description

Company Description

NBCUniversal is one of the world’s leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our theme parks and consumer experiences. We own and operate leading entertainment and news brands, including NBC, NBC News, MSNBC, CNBC, NBC Sports, Telemundo, NBC Local Stations, Bravo, USA Network, and Peacock, our premium ad-supported streaming service. We produce and distribute premier filmed entertainment and programming through Universal Filmed Entertainment Group and Universal Studio Group, and have world-renowned theme parks and attractions through Universal Destinations & Experiences. NBCUniversal is a subsidiary of Comcast Corporation.

Our impact is rooted in improving the communities where our employees, customers, and audiences live and work. We have a rich tradition of giving back and ensuring our employees have the opportunity to serve their communities. We champion an inclusive culture and strive to attract and develop a talented workforce to create and deliver a wide range of content reflecting our world.

Comcast NBCUniversal has announced its intent to create a new publicly traded company (‘Versant’) comprised of most of NBCUniversal’s cable television networks, including USA Network, CNBC, MSNBC, Oxygen, E!, SYFY and Golf Channel along with complementary digital assets Fandango, Rotten Tomatoes, GolfNow, GolfPass, and SportsEngine. The well-capitalized company will have significant scale as a pure-play set of assets anchored by leading news, sports and entertainment content. The spin-off is expected to be completed during 2025.

Job Description

As a Sr IT GRC Analyst within the Cyber Assurance Organization, you will support the execution of programs and services enabling NBCUniversal to meet compliance requirements and reduce risk. You will interface with business leaders and technologists to drive policy into practice to securely enable creativity and innovation. Key areas of focus for this role include effective operation of access review internal control services, managing control operation reporting, control design consultation and quality assurance testing.

Responsibilities:

• Manage access reviews for important systems from kick-off through completion
• Support services, projects and initiatives managed by the Access Review Operations Compliance teams
• Work with Cyber stakeholders and partners to support the intent of internal control and external regulatory requirements
• Educate and raise awareness on access risks and controls
• Assist stakeholders with control design and enhancements
• Continuously identify, assess, measure and monitor information security risk and assist with remediation
• Undertake research as needed when control or regulatory questions arise
• Contribute to overall program enhancements and drive automation with various IT and Cybersecurity stakeholders
• Liaise with risk champions, application owners, control owners, risk SMEs such as Cyber Security, Internal Audit and specialized risk management teams
• Contribute to enterprise IT Risk and Control awareness efforts
• Maintain deep understanding of organization wide objectives, interactions, issues and risks
• Stay abreast of current and emerging information risks, including current or proposed cyber legislation or control frameworks.

Qualifications

Requirements:

• Bachelor’s degree or equivalent experience
• 3+ years of experience in IT Governance, Risk or Compliance or Identity Access Management functions, including roles in security analysis
• Working knowledge of Principle of Least Privilege, Zero Trust and the Identity and Access Management Lifecycle
• Understanding and knowledge of security, risk and privacy regulatory frameworks such as SCF, NIST, SOX, PCI, HIPAA, ISO, CSA, etc.
• Knowledge of IT platforms, web, middleware, cloud services (IaaS, PaaS, SaaS), database, servers, virtualization, routers and firewalls
• Ability to work independently and in cross-functional teams
• Strong analytic skills for problem analysis and resolution
• Experience with the MS office suite – Excel, PowerPoint, Word etc.
• Excellent written/verbal communication and organizational skills
• Understanding of the concepts of information risks and the different elements that make up risk. In addition, understand fundamental concepts of information security
• Experience in Governance, Risk or Compliance or Identity Access Management in a global environment
• Self-starter who can function independently with limited direction
• Strong communication and planning skills
• Strong leadership skills, social and business acumen, and proven results working with leaders across organizational and business lines to solve complex problems

Desired Characteristics:

• Experience in Project Management
• Experience implementing access review controls to provide reasonable assurance that inappropriate levels of access are detected and remediated
• Experience conducting access certifications within SailPoint Identity IQ
• Demonstrated leadership skills with ability to influence and lead change
• Experience developing reports using Splunk, Power BI, Excel or similar platform
• Ability to prioritize activities based on business criticality, audits, threats, vulnerabilities, and regulatory requirements
• Experience supporting enterprise-wide technology initiatives and creating a risk-aware culture
• Ability to understand the big picture by aligning activities to business objectives and partnering with other Cyber Assurance functions to align on strategies and enterprise priorities

Additional Requirements:

• Fully Remote: This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee’s residence.

This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks. Learn more about the benefits offered by NBCUniversal by visiting the Benefits page of the Careers website. Salary range: $115,000 - $130,000

Additional Information

As part of our selection process, external candidates may be required to attend an in-person interview with an NBCUniversal employee at one of our locations prior to a hiring decision. NBCUniversal’s policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access nbcunicareers.com as a result of your disability. You can request reasonable accommodations by emailing [email protected].

For LA County and City Residents Only:  NBCUniversal will consider for employment  qualified applicants with criminal histories, or arrest or conviction records, in a manner  consistent with relevant legal requirements, including the City of Los Angeles’ Fair Chance Initiative For Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act, where applicable.