"Enterprise IT Sec GRC Analyst 2"

Posted: 20-Dec-25

Location: Houston, Texas

Type: Full-time

Categories: Other Staff/Administrative, Staff/Administrative

Internal Number: 495421

Department: UIT Security

Salary: 81,400 - 92,600

Description: Under direct supervision, participates in security risk assessments and third-party reviews, assists with policy development and maintains inventories of assessments, compliance documentation and evidence. Pursuant to the State of Texas Executive Order No. GA-48, this position researches, works on, or has access to critical infrastructure and requires the ability to maintain the security or integrity of the University infrastructure. This position requires personnel be routinely reviewed to determine whether or not criminal history or continuous connections for the government or political apparatus of a foreign adversary might prevent the employee from being able to maintain the security or integrity of the infrastructure. 1. Assists with risk assessments to ensure compliance with state, federal, industry and institutional information security laws, regulations and policies. 2. Prepares documentation and evidence for assessments and audits. 3. Monitors remediation activities and verifies the implementation of corrective actions. 4. Assists with the development and maintenance of university-wide information security policies, standards, and procedures. 5. Maintains risk and compliance documentation, including risk register and compliance checklists. 6. Assists with conducting assessments of third-party vendor and service provider information security documents, practices and data protection controls. 7. Maintains inventory of assessed third-party vendors and service providers. 8. Tracks legal and regulatory changes and recommends necessary updates to policies and controls. 9. Performs other job-related duties as assigned. MQ: Requires a thorough understanding of both theoretical and practical aspects of an analytical, technical or professional discipline; or the basic knowledge of more than one professional disciplines. Knowledge of the discipline is normally obtained through a formal, directly job-related, 4 year degree from a college or university or an equivalent in-depth specialized training program that is directly related to the type of work being performed. Requires a minimum of three (3) years of directly job-related experience. - Department is willing to accept experience in lieu of education. All positions at the University of Houston-System are security sensitive and will require a criminal history check. The University of Houston System and its universities are Equal Opportunity Institutions. Everyone is encouraged to apply.