Associate IT Security Analyst, Governance Risk & Compliance (GRC)

Western Governors University•Salt Lake City, UT

1d•$65,500 - $98,300•Onsite

About The Position

The Associate IT Security Analyst on the GRC team supports the Human Risk and Governance functions within WGU’s Information Security Governance, Risk, and Compliance (GRC) program. This entry-level role is focused on building core security governance skills while helping reduce human risk, strengthen our security culture, and support compliance activities. Working under the guidance of senior team members and the Director of GRC, this analyst contributes to WGU’s security policy lifecycle, security awareness and training, phishing simulations, and privacy and regulatory initiatives in a highly collaborative, growth‑oriented environment.

Requirements

Associate’s degree, or equivalent combination of education and relevant experience.
Approximately one year of experience in IT, information security, governance, compliance, communications, or a related field; internships, academic projects, or part‑time roles are welcome.
Exposure to core information security concepts such as security awareness, risk management, and policy development, with a strong interest in growing these skills.
Ability to review and interpret basic data sets (for example, reports, training results, or policy feedback) and summarize key observations.
Good written and oral communication skills, with the ability to communicate with purpose, clarity, and accuracy to technical and non‑technical stakeholders.
Strong analytical, problem solving, and decision making skills, with a solution‑focused mindset.
Ability to work well with others in complementary roles, collaborate across teams, and follow through on commitments.

Nice To Haves

Familiarity with security awareness platforms, phishing simulation tools, or learning management systems.
Experience supporting communications, training content, or awareness campaigns (e.g., newsletters, intranet posts, email campaigns).
Coursework, certifications, or personal projects related to cybersecurity, GRC, privacy, or human risk management.

Responsibilities

Support the security policy and standards lifecycle, including coordinating reviews, tracking updates, and helping maintain related documentation.
Help track, document, and maintain policy exceptions and approvals to support audit and compliance needs.
Assist with regulatory and privacy compliance tasks in partnership with Legal and other GRC stakeholders.
Support monthly employee phishing simulations, including setup, monitoring, and reporting on results and trends.
Help administer employee security awareness and required annual training, including enrollment, tracking, and reporting completion.
Assist with student security awareness plan development, content coordination, and execution of awareness activities.
Support Human Risk Program documentation, metrics, dashboards, and ongoing program activities.
Contribute to Cybersecurity Awareness Month planning, communications, and events.
Assist with Data Privacy Week materials, messaging, and engagement campaigns across the university.
Support the Security Ambassadors Program through coordination, communications, and tracking engagement.
Maintain GRC documentation, dashboards, and operational tracking tools in partnership with Information Security and GRC team members.

Benefits

medical, dental, vision, telehealth and mental healthcare
health savings account and flexible spending account
basic and voluntary life insurance
disability coverage
accident, critical illness and hospital indemnity supplemental coverages
legal and identity theft coverage
retirement savings plan
wellbeing program
discounted WGU tuition
flexible paid time off for rest and relaxation with no need for accrual, flexible paid sick time with no need for accrual, 11 paid holidays, and other paid leaves, including up to 12 weeks of parental leave