GRC Analyst II

About Blackhawk Network

Today, through BHN’s single global platform, businesses of all kinds can tap into the world’s largest network of branded payment solutions. BHN helps businesses grow revenue, increase loyalty, motivate and reward their teams, disburse funds and engage consumers. Branded payment solutions include the issuance and distribution of gift cards, egifts, corporate payouts and rewards, along with the technology to deliver these products in seamless, integrated ways. BHN’s network spans the globe with more than 400,000 consumer touchpoints. Learn more at BHN.com.

Overview

This position is responsible for administering BHN’s Governance, Risk and Compliance operations and ensuring control effectiveness while supporting the team’s risk and audit functions. In this role, you will develop and execute projects involving various internal stakeholders, customers, auditors, and regulatory agencies across multiple global regions.

As a Governance, Risk and Compliance (GRC) Analyst II, you excel at managing competing priorities and have extensive experience collaborating with cross-functional departments, developing communication plans, and overseeing all aspects of operations. You are committed to delivering precise, high-quality outputs that meet strict compliance deadlines. You thrive in scaling, automating, and streamlining administrative processes. You manage numerous operational priorities efficiently using dashboards and reports you create, and you proactively address critical process failures.

Responsibilities

• Continuously administer team operational, control testing, and monitoring processes.
• Oversee the implementation and effectiveness of common controls established by the business.
• Maintains accurate, timely, and assure the integrity of, change management records for GRC systems.
• Build trusted partnerships and collaborate with auditors, internal and external customers, or control owners.
• Learn the numerous BHN product platforms and develop a broad domain and technical understanding of the security activities and control implementations.
• Contributes to risk assessments including vendor risk management, IT security reviews, data governance, or audit findings.
• Stay informed of the global compliance landscape and the applicability to the business objectives.
• Stay informed of emerging security threats and the applicability to the company and GRC programs.

Qualifications

Competencies

• Excellent written and verbal communication skills.
• Skilled in project or program management.
• Agility and experience with adapting to significant shifts in projects or roles or workload.
• Highly experienced in managing multiple competing priorities in a fast-paced environment, with a proven ability to address critical issues promptly.
• Strong desire to work in an administrative role with a continuous desire to seek process improvements.
• Ability to effectively give and receive feedback and translate actionable feedback into results.
• Team focused with the collaboration skills to build trust with diverse functional groups across the organization.
• Experience administering large bodies of work, process, or systems.
• Experience developing data dashboards or reports to manage administrative priorities and inform on process failures.

Technical

• Experience in IT or GRC administrative roles.
• Experience with the risk assessment and remediation plans.
• Practical & technical understanding of network, system, application, SDLC, cybersecurity, and cloud security systems. 
• Experience writing data queries and/or simple scripts, implementing technical controls, or other related skills learned from IT related jobs.
• Experience in implementing or working with projects focused on the technical automation and scalability of administrative processes or
• Some audit experience evaluating controls associated with information security or privacy.

Education/Experience

• Bachelor’s degree in Business, Information Systems, Computer Science or work experience equivalent. 
• 2+ years of experience in information security or IT administration.
• Desired security certification in CISA, CRISC, CISM or other relevant certifications.
• Desired experience leading audit engagements.

Benefits

Blackhawk Network offers benefits including 401k with employer match, medical, dental, vision, 12 paid holidays throughout 2024, 1 hour of sick pay accrual for every 30 hours worked, parental leave, life insurance, disability insurance, accident and illness insurance, health and dependent care flexible spending accounts, wellness benefits, and flexible time off for all full-time employees. 

EEO Statement

Blackhawk Network provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.  Blackhawk Network believes that diversity leads to strength. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Blackhawk Network encourages applicants with previous criminal records to apply to all positions and, pursuant to the San Francisco and Los Angeles Fair Chance Acts (and other “Fair Chance” laws), Blackhawk Network will consider for employment qualified applicants with arrest and conviction records.  For Philadelphia applicants or jobs, please see a copy of Philadelphia’s ordinance on this topic by clicking this link: https://codelibrary.amlegal.com/codes/philadelphia/latest/philadelphia_pa/0-0-0-280104.