Associate GRC Security Analyst

<p><span style="color: rgb(0, 0, 0);">IXL Learning, developer of personalized learning products used by millions of people globally, is seeking an Associate GRC Analyst to join our growing security team. In this role you will support IXL's internal cybersecurity governance, compliance, and audit program by gathering evidence, performing vendor risk assessments, conducting risk assessments, and maintaining audit-ready documentation. You will also contribute to security awareness training and phishing simulation programs and cross-train with and support other members of the security team. This role is a great fit for someone early in their GRC career who is eager to build hands-on experience across multiple compliance frameworks and risk management disciplines.</span></p> <p>This position requires you to be in our San Mateo, CA, headquarters office.</p> <h4>WHAT YOU'LL BE DOING</h4> <ul> <li>Support internal and external audits by gathering, organizing, and maintaining evidence in a timely and accurate manner</li> <li>Support the operation, implementation, and administration of the team's GRC platform, including compliance documentation management and reviews, attestations, workflow configuration, user management, and data integrity maintenance</li> <li>Perform vendor risk assessments to evaluate third-party security posture and compliance alignment</li> <li>Conduct risk assessments and contribute to maintaining the organization's risk register and open findings tracking</li> <li>Support security awareness training programs including content coordination, participation tracking, and reporting</li> <li>Assist with planning, execution, and results reporting for phishing simulation campaigns</li> <li>Map and cross-reference controls across multiple compliance frameworks such as SOC2, PCI-DSS, GovRAMP, and NIST</li> <li>Maintain audit-ready documentation, policy version control, and evidence repositories year-round</li> <li>Track and manage security exceptions through their full lifecycle including intake, approval, and expiration</li> <li>Assist identifying, building and reporting on GRC-specific metrics for leadership</li> <li>Cross-train with and support other members of the security team as needed</li> </ul> <h4>WHAT WE'RE LOOKING FOR</h4> <ul> <li>Bachelor's degree, preferably in Computer Science, Cybersecurity, Information Systems, or a related field</li> <li>1-3 years of experience in GRC, IT audit, compliance, risk management, or a related field</li> <li>Familiarity with common compliance frameworks such as SOC2, PCI-DSS, NIST, ISO 27001, or GovRAMP</li> <li>Previously supported audits pertaining to SOC2 Type 2 and/or PCI-DSS (Level 1 or hands-on SAQs)</li> <li>Experience with or exposure to vendor risk assessment processes and third-party risk management</li> <li>Strong attention to detail with the ability to organize and manage documentation and evidence across multiple workstreams</li> <li>Excellent written and verbal communication skills with the ability to work across technical and non-technical teams</li> <li>Comfort working in a fast-paced environment and managing multiple priorities simultaneously</li> <li>Relevant certifications such as CompTIA Security+, CISA, or GRCP are a plus</li> <li>Familiarity with GRC platforms like Vanta or Auditboard, or ticketing tools such as Jira is a plus</li> </ul> <p><span style="font-size: 10pt;"><em id="yui_3_18_1_1_1694197266882_24">Our salary ranges are determined by role, level, and location. The base salary range for this full-time position is $80,000 to $105,000 + benefits. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position. Individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.</em></span></p><div class="content-conclusion"><h4>ABOUT IXL LEARNING</h4> <p>IXL Learning is the country's largest EdTech company. We reach millions of learners through our diverse range of products. For example:</p> <ul> <li>1 in 4 students in the United States uses <a href="https://www.ixl.com/" target="_blank">IXL.com</a></li> <li><a href="https://www.rosettastone.com/" target="_blank">Rosetta Stone</a> provides an immersive learning experience for 25 languages</li> <li><a href="https://www.wyzant.com/" target="_blank">Wyzant</a> is the nation's largest community of tutors, covering 300+ subjects</li> <li><a href="https://www.teacherspayteachers.com/" target="_blank">Teachers Pay Teachers (TPT)</a> is a comprehensive marketplace for millions of educator-created resources</li> </ul> <p>Our mission is to create innovative products that will make a real, positive difference for learners and educators and we're looking for passionate, mission-minded people to join us in achieving this goal. We have a unique culture at IXL that fosters collaboration and the open exchange of ideas. We value our team and treat one another with kindness and respect. We approach our work with passion, tenacity, and authenticity. We find it immensely satisfying to develop products that impact the lives of millions and we are eager to have you join our team.</p> <blockquote> <p><span style="font-size: 10pt;"><em>At IXL, we value diversity in age, race, ethnicity, gender, sexual orientation, physical and mental ability, political and religious beliefs, and life experience, and we are proud to promote a work environment where everyone, from any background, can do their best work. IXL Learning is an equal opportunity employer and does not discriminate against applicants and employees based on any legally protected category.&nbsp;</em></span></p> </blockquote></div>