IXL Learning, developer of personalized learning products used by millions of people globally, is seeking an Associate GRC Analyst to join our growing security team. In this role, you will support IXL's internal cybersecurity governance, compliance, and audit program by gathering evidence, performing vendor risk assessments, conducting risk assessments, and maintaining audit-ready documentation.
Support internal and external audits by gathering, organizing, and maintaining evidence in a timely and accurate manner
Support the operation, implementation, and administration of the team's GRC platform, including compliance documentation management and reviews, attestations, workflow configuration, user management, and data integrity maintenance
Perform vendor risk assessments to evaluate third-party security posture and compliance alignment
Conduct risk assessments and contribute to maintaining the organization's risk register and open findings tracking
Support security awareness training programs including content coordination, participation tracking, and reporting
Assist with planning, execution, and results reporting for phishing simulation campaigns
Map and cross-reference controls across multiple compliance frameworks such as SOC2, PCI-DSS, GovRAMP, and NIST
Maintain audit-ready documentation, policy version control, and evidence repositories year-round
Track and manage security exceptions through their full lifecycle including intake, approval, and expiration
Assist identifying, building and reporting on GRC-specific metrics for leadership
Cross-train with and support other members of the security team as needed
Qualification
Required
Bachelor's degree, preferably in Computer Science, Cybersecurity, Information Systems, or a related field
1-3 years of experience in GRC, IT audit, compliance, risk management, or a related field
Familiarity with common compliance frameworks such as SOC2, PCI-DSS, NIST, ISO 27001, or GovRAMP
Previously supported audits pertaining to SOC2 Type 2 and/or PCI-DSS (Level 1 or hands-on SAQs)
Experience with or exposure to vendor risk assessment processes and third-party risk management
Strong attention to detail with the ability to organize and manage documentation and evidence across multiple workstreams
Excellent written and verbal communication skills with the ability to work across technical and non-technical teams
Comfort working in a fast-paced environment and managing multiple priorities simultaneously
Preferred
Relevant certifications such as CompTIA Security+, CISA, or GRCP are a plus
Familiarity with GRC platforms like Vanta or Auditboard, or ticketing tools such as Jira is a plus
Benefits
Benefits
At IXL Learning, we are passionate about improving learning for all.
Glassdoor
3.4
Founded in 1996
San Mateo, California, USA
1001-5000 employees
https://www.ixl.com/
At IXL Learning, we are passionate about improving learning for all.
