Join Maverik’s Growing IT Team as an IT GRC Analyst
At Maverik, we're building a new, high-visibility governance, risk, and compliance (GRC) program to support our IT strategies and business goals. As an IT GRC Analyst, you’ll play a key role in developing, implementing, and enhancing our IT governance frameworks, policies, and processes. This is an exciting opportunity to collaborate with IT leadership and work on impactful projects that contribute directly to the organization’s success. If you're ready to make a difference and grow in a dynamic environment, we’d love to hear from you!
Essential Duties and Responsibilities:
Governance: Assist with developing, implementing, and enhancing IT governance frameworks, policies, and activities to align IT strategies with business goals, ensuring optimal efficiency and effectiveness, including business impact analyses and change management process. Risk Management: Assist with risk assessments, identifying potential risks, evaluating their impact, and developing strategies to mitigate and monitor them effectively. Compliance: Perform activities to validate the organization’s compliance with relevant laws, regulations, industry standards or frameworks, and internal policies, staying current with changes in compliance requirements. This includes coordinating, tracking, and verifying remediation of any gaps or findings. Security Awareness: Promote compliance with regulatory requirements, industry frameworks, internal Information Security policies, and IT best practices.Qualifications: Education
Bachelor’s degree in information security, cybersecurity, information systems, business administration, or related field preferred Certifications preferred: CompTIA Security+, CompTIA Network+, CISA, CRISC, CIA Qualification: Experience 2+ years working in IT governance, audit, risk management, compliance, or GRC role preferred 1+ years working in information technology, cybersecurity or related technical experience preferredQualifications: Team Member Competencies
Demonstrate basic knowledge of commonly used concepts, principles, and practices of Information Security such as access control, network concepts, operating system security, vulnerability management, email security, and endpoint protection. Demonstrate basic understanding of common security and privacy frameworks and regulation, and IT general controls. Familiarity with risk management practices, and risk-based thinking to drive prioritization. Basic understanding of audit processes and requirements is desirable. Ability to maintain the strictest confidentiality. Interest in obtaining security or risk management certifications, with a willingness to pursue them. Ability to learn and adapt quickly to new technologies in a general sense. Able to work with minimal supervision, self-motivated, and organized. Ability to effectively communicate both orally and in writing, as well as the ability to properly interact with all levels of the organization, often in volatile/high pressure situations. Strong documentation & reporting skills. Efficient & effective Project Management skills. Compensation & BenefitsPay Range: $80,000-$85,000/year + DOE and Bonus Opportunity
The above salary range represents a general guideline; however, Maverik/Kum&Go considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.
Benefits Include: Full Health, Dental and Vision Package with company contribution to cost. In-Store and Fuel Discounts Retirement plan with company match (401K). This position will be eligible for the annual incentive bonus program. Comprehensive Paid Time-Off Policy, along with additional perks and benefitsDuties and responsibilities, as required by business necessity may be added, deleted, or changed at any time at the discretion of management, formally or informally, either verbally or in writing. Scheduling and shift assignments and work location may be changed at any time, as required by business necessity.