North End Teleservices LLC · 1 month ago
IT GRC Analyst
Omaha Tower, 2120 South 72nd Street, Omaha, NE, USA
Full-time
Onsite
Entry, Mid Level
1+ years expNorth End Teleservices LLC is focused on optimizing its cybersecurity posture through governance, risk, and compliance activities. The IT GRC Analyst will ensure adherence to regulatory requirements while managing risks and implementing internal governance policies related to cybersecurity standards.
Customer ServiceOutsourcingTechnical Support
Responsibilities
Development, alignment, maintenance, and regular audit of policies related to cyber security and risk including:
Information Security Policy (annual review)
Business Continuity Plan (annual review)
Disaster Recovery Plan (annual review)
Incident Response Plan (annual review)
Risk Management Program (annual review)
Acceptable Use Policies (annual review)
Removeable Media Policy (annual review)
Technology Control Plan (annual review)
Security Awareness and Training Policy (annual review)
Media Marking and Handling Policy (annual review)
AI Policy (annual review)
Other policies as assigned
Development, alignment, maintenance, and audit of procedures that impact cyber security controls including:
Access Control Procedure
Operational Change Management Procedure
Network Access Management Procedure
Log Management Procedure
Other procedures as assigned
Management, execution and follow-up related to recurring functions as assigned including:
Security Awareness Training campaigns (quarterly)
Vulnerability Assessments reviews (monthly)
Log Management procedures (weekly)
Risk Register meetings (quarterly)
Tabletop exercises (annually)
Active network user audits (monthly)
Approved application audits (annually)
Review of employee cybersecurity training/acknowledgement program (annually)
Public-facing Resources Audit (annually)
Security Controls Assessment (annually)
User Access Review (annually)
Power continuity review (annually)
All aspects of Risk Management Program (as needed)
Other functions as assigned (as needed)
Execution of ad hoc cybersecurity tasks as needed
Routine maintenance of policies and procedures in line with business changes
Response to cybersecurity incidents, related logging, forensics, and action
Review of CISA alerts and associated Risk Register updates
Cybersecurity projects as assigned
Cybersecurity partnership management and optimization
Operational Change Management review discussions and form completion as needed
Periodic cybersecurity training for team members
Meetings and related follow-up
Cybersecurity support for customer inquiries and sales opportunities
Other tasks as assigned
Management of certain platform software and documentation as assigned including:
Security Awareness Training Platform
Password Vault Platform
Section 508 Accessibility Platform
Other platforms as assigned
Governance, Risk, and Compliance documentation
Qualification
Required
Knowledge of Security Frameworks & Regulations – Understanding of ISO 27001, NIST 800-X, CMMC, SOC 2, HIPAA, PCI DSS, and GDPR
Risk Management – Ability to conduct risk assessments, identify vulnerabilities, and implement mitigation strategies
Compliance Auditing – Experience with internal/external audits, compliance reporting, and policy documentation
GRC Tools & Platforms – Familiarity with cyber security tools related to functions such as security awareness training, log management, vulnerability assessment and other functions
Security & IT Fundamentals – Understanding of cybersecurity principles, cloud security (AWS, Azure, GCP), and identity & access management (IAM)
Risk Analysis – Ability to evaluate threats, vulnerabilities, and business impact
Data Interpretation – Analyzing compliance reports, audit findings, and security metrics to improve risk posture
Communication & Reporting – Ability to explain complex compliance requirements to technical and non-technical stakeholders
Organization – Ability to manage job functions proactively with maximum efficiency and results
Attention to Detail – Ability to perform job functions thoroughly with outcomes that align with business needs
Project Management – Ability to define project targets and coordinate resources for successful execution
Relationships – Ability to develop professional relationships and lead discussions that foster collaboration on cyber security initiatives
Preferred
Bachelor's degree in Information Security, Business, Information Systems, or related field preferred
1–4 years of experience in GRC, cybersecurity, audit, or risk management (depending on level)
Experience with GRC tools (e.g., ServiceNow GRC, Archer, OneTrust, LogicGate, Drata, Vanta)
Strong organizational and time management skills
Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint) and video conferencing tools
Excellent verbal and written communication skills
Strong understanding of risk management principles and compliance frameworks
Excellent analytical, documentation, and report-writing capabilities
Ability to work cross-functionally and communicate with both technical and non-technical stakeholders
Strong organizational skills and attention to detail
Familiarity with security concepts (identity management, access controls, network security, etc.)
Company
North End Teleservices LLC
North End Teleservices is a state of the art contact center provider founded with a strong belief in urban development.
201-500 employees
Funding
Current Stage
Growth StageTotal Funding
unknown2018-10-03Debt Financing
Leadership Team
Carmen Tapio
Owner and Chief Executive Officer
Christopher Phillips
Chief Operating Officer
Recent News
Company data provided by crunchbase