IT GRC Analyst 3

NOTE: This position will be based in our Houston, TX office located in Galleria Tower 1.

POSITION SUMMARY: Reporting to the Manager, IT Compliance, this position will be responsible for supporting the organizations governance, risk management, and compliance initiatives. This role involves identifying, assessing, and mitigating risks while ensuring compliance with policies, regulatory requirements, and industry standards. The IT GRC analyst collaborates with internal and external teams to maintain and improve the implementation of industry frameworks and standards, support audits, and develop business processes. This position will assist in the performance of routine audit activities such as quarterly user access reviews, risk registry maintenance, and documentation updates.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Governance

• Policy and procedure development for IT General Controls and related functions

• Framework alignment of COSO, NIST, ISO, & ITIL to ITGCs in support of Sarbanes-Oxley (SOX)

• Reporting and communication of ITGC compliance status to management

• Stakeholder coordination during development and updates of IT controls

• Risk Management

• Risk assessment support

• Control development, testing, and monitoring

• Issue tracking and remediation

• Risk register maintenance

• Compliance

• Regulatory compliance tracking

• Audit support

• Training and awareness

• Compliance testing

• Performs other duties as assigned.

CORE COMPETENCIES: To perform the job successfully, the individual should demonstrate competencies in performing the essential functions of this position by performing satisfactorily in each of these competencies.

• Problem solving: Identifies and resolves problems in a timely manner, gathers and reviews information appropriately. Uses own judgment and acts independently; seeks input from other team members as appropriate for complex or sensitive situations.

• Oral/written communication: Listens carefully and speaks clearly and professionally in all situations. Edits work for accuracy and clarity, is able to create, read and interpret complex written information. Ability to develop strong interpersonal networks within the organization.

• Planning/organizing: Prioritizes and plans work activities, organizes personal and project timelines and deadlines, tracks project timelines and deadlines, and uses time efficiently.

• Adaptability: Adapts to changes in the work environment, manages competing demands and is able to deal with frequent interruptions, changes, delays, or unexpected events.

• Dependability : Consistently on time and at work, responds to management expectations and solicits feedback to improve performance.

• Team Building: Capable of developing strong interpersonal networks and trust within the organization.

• Safety Culture: Adheres to the NuScale Safety culture and is expected to model safe behavior and influence peers to meet high standards.

• Quality Assurance: Demonstrates understanding and implementation of quality assurance regulations, standards and guidelines of 10 CFR 50 Appendix B, 10 CFR 21, and ASME NQA-1.

SKILLS, QUALIFICATIONS AND ABILITIES:

• Education: A Bachelor’s degree in Computer Science, Business Information Systems, Cybersecurity, or related field is required. Alternatively, 4 additional years (9 years total) of full-time, direct ly relevant working experience may be considered in lieu of a 4-year degree .

• Experience: A minimum of 5 years of full-time working e xperience in IT environment with at least 2 of those years specific to audit, compliance, risk management, or security. Hands on work with risk assessment, control testing, risk management, and policy development. Knowledge of software used in the performance of GRC activities such as Oracle RMC, Azure identity governance, privileged access management, user access reviews, and model-based system engineering are preferred.

• Industry Requirements: Eligible to work under Department of Energy 10 CFR Part 810.

PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Ability to understand and communicate clearly using a phone, personal interaction, and computers.

• Ability to learn new job functions and comprehend and understand new concepts quickly and apply them accurately in a rapidly evolving environment.

• The employee frequently is required; to sit and stand; walk; bend, use hands to operate office equipment; and reach with hands and arms.

• Ability to travel nationally and internationally using common forms of transportation.

Disclaimer: Employee(s) must perform the essential duties and responsibilities with or without reasonable accommodation efficiently and accurately without causing significant safety threat to self or others. The above statements are intended to describe the general nature and level of work being performed by employee(s) assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and/or skills required of all employees in this classification.

NuScale Power, LLC is an equal opportunity employer and does not discriminate against otherwise qualified applicants on the basis of race, color, creed, religion, ancestry, age, sex, marital status, national origin, disability or handicap, or veteran status. Pay and Benefits:

The target pay range for this position is $99,175 - $119,694 annually. The full pay range is $88,915 - $139,073 annually.

At NuScale, compensation decisions are determined using factors such as relevant job-related skills, full-time working experience, education and training, equity within the department.

For information on employee benefits, please visit our Careers Overview page: Employee Benefits | NuScale Power (https://www.nuscalepower.com/en/about/careers/employee-benefits)

*LI-NP