IT GRC Analyst 3

NOTE: This position will be based in our Houston, TX office located in Galleria Tower 1.POSITION SUMMARY: Reporting to the Manager, IT Compliance, this position will be responsible for supporting the organizations governance, risk management, and compliance initiatives. This role involves identifying, assessing, and mitigating risks while ensuring compliance with policies, regulatory requirements, and industry standards. The IT GRC analyst collaborates with internal and external teams to maintain and improve the implementation of industry frameworks and standards, support audits, and develop business processes. This position will assist in the performance of routine audit activities such as quarterly user access reviews, risk registry maintenance, and documentation updates.ESSENTIAL DUTIES AND RESPONSIBILITIES:GovernancePolicy and procedure development for IT General Controls and related functionsFramework alignment of COSO, NIST, ISO, & ITIL to ITGCs in support of Sarbanes-Oxley (SOX)Reporting and communication of ITGC compliance status to managementStakeholder coordination during development and updates of IT controlsRisk ManagementRisk assessment supportControl development, testing, and monitoringIssue tracking and remediationRisk register maintenanceComplianceRegulatory compliance trackingAudit supportTraining and awarenessCompliance testingPerforms other duties as assigned.CORE COMPETENCIES: To perform the job successfully, the individual should demonstrate competencies in performing the essential functions of this position by performing satisfactorily in each of these competencies. Problem solving: Identifies and resolves problems in a timely manner, gathers and reviews information appropriately. Uses own judgment and acts independently; seeks input from other team members as appropriate for complex or sensitive situations.Oral/written communication: Listens carefully and speaks clearly and professionally in all situations. Edits work for accuracy and clarity, is able to create, read and interpret complex written information. Ability to develop strong interpersonal networks within the organization.Planning/organizing: Prioritizes and plans work activities, organizes personal and project timelines and deadlines, tracks project timelines and deadlines, and uses time efficiently.Adaptability: Adapts to changes in the work environment, manages competing demands and is able to deal with frequent interruptions, changes, delays, or unexpected events.Dependability: Consistently on time and at work, responds to management expectations and solicits feedback to improve performance.Team Building: Capable of developing strong interpersonal networks and trust within the organization.Safety Culture: Adheres to the NuScale Safety culture and is expected to model safe behavior and influence peers to meet high standards. Quality Assurance: Demonstrates understanding and implementation of quality assurance regulations, standards and guidelines of 10 CFR 50 Appendix B, 10 CFR 21, and ASME NQA-1. SKILLS, QUALIFICATIONS AND ABILITIES:Education: A Bachelor’s degree in Computer Science, Business Information Systems, Cybersecurity, or related field is required. Alternatively, 4 additional years (9 years total) of full-time, directly relevant working experience may be considered in lieu of a 4-year degree.Experience: A minimum of 5 years of full-time working experience in IT environment with at least 2 of those years specific to audit, compliance, risk management, or security. Hands on work with risk assessment, control testing, risk management, and policy development. Knowledge of software used in the performance of GRC activities such as Oracle RMC, Azure identity governance, privileged access management, user access reviews, and model-based system engineering are preferred.Industry Requirements: Eligible to work under Department of Energy 10 CFR Part 810.PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.Ability to understand and communicate clearly using a phone, personal interaction, and computers.Ability to learn new job functions and comprehend and understand new concepts quickly and apply them accurately in a rapidly evolving environment.The employee frequently is required; to sit and stand; walk; bend, use hands to operate office equipment; and reach with hands and arms. Ability to travel nationally and internationally using common forms of transportation.