NextCISO Junior GRC Analyst (Remote)

The Next CISO Junior GRC Analyst program is tuition-free and designed for career changers with little to no technical experience looking to enter the cybersecurity industry. The program runs for six to seven months depending on the skills of the students coming into the program. Each class is specifically designed for that group of students. We do not have an ETA yet on when the next program starts, but are taking applications. Please attach your resume and a letter explaining why you are interested in the program and why you think you make a good candidate. A member of our team will reach out to you for next steps. 

As GRCIE’s mission is to diversify the next generation GRC workforce, we encourage students that come from underrepresented groups including racially diverse, gender diversity, LGBT+ community, socioeconomically disadvantaged, people with disabilities, and veterans to apply.

Qualifications

• Self-motivated individuals with passion and perseverance
• The ability to take initiative and work as part of a team and across a range of partners
• An eagerness to learn about compliance, security, risk management, and audit
• Ability to learn new applications quickly
• Entrepreneurial spirit and willingness to roll up sleeves to get the job done
• Passion for solving problems (large and small.)
• Attention to detail
• Willingness to dedicate the next six to seven months to learning

Our apprentices are exposed to client work within the first 60 days of starting the NextCISO Academy. As an apprentice, you will help with activities related to the implementation, growth, and/or maintenance of a client’s internal compliance program. While we cannot guarantee exactly what work you may be assigned for clients, below is an example of what some of those duties might entail. 

Example Tasks

• Help with ongoing maintenance of information security policies as they relate to client compliance projects.
• Evaluate internal control design and operating effectiveness to ensure compliance with security and privacy frameworks.
• Compile asset inventories. 
• Conduct risk assessments.
• Document audit procedures and results.
• Conduct technology bake-offs. 
• Conduct vulnerability scans. 
• Work with internal client teams to understand and assess the controls within their environment(s).
• Provide regular status updates to the project lead and communicate delays in work as they occur.
• Conduct vendor security risk assessments for any third-party software solutions being considered for use.

GRCIE is committed to providing any necessary accommodations for individuals with disabilities within our application and interview process. To request an accommodation due to a disability, please inform one of our team members. 

GRCIE provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.