Share this Job





Senior Analyst, Governance, Risk, & Compliance - Kiewit Technology Group


Omaha, NE, US

Requisition ID: 125305 

Job Level: Senior Level 

Department: Information Technology 

Market: Corporate Home Office 

Employment Type: Full Time 

Position Overview

This position is responsible for providing technical expertise over the Kiewit Information Technology governance, risk and compliance program.  They are responsible for the development and maintenance of the continuous monitoring/audit program.  The Sr. GRC Analyst is responsible for identifying, prioritizing, monitoring and reporting technology risks and controls including performing risk and controls assessments. This position works closely with the operational, technical, and corporate function personnel to foster a technology risk management culture, challenge assumptions and to assist in communicating a holistic risk profile of technology risk to Executive management and various stakeholders. This role also interfaces between Legal/ Compliance and both internal and external auditors for compliance initiatives, including providing requested audit inputs. This position is part of the team responsible for establishing and maintaining an enterprise Information Security Governance, Risk and Compliance vision, strategy and program. 


At Kiewit, the scale of our operations is huge. Our construction and engineering projects span across the United States, Canada and Mexico, improving and connecting communities with every initiative. We depend on our high-performing operations support professionals — they’re the glue that holds multiple areas of the business together and the catalysts that make things happen. We hire only the most driven people and we offer them diverse career opportunities, strong leadership and mentorship, rewarding, collaborative work, and responsibility they won’t find just anywhere. We’re always pushing new limits. You can too.

District Overview

Kiewit Technology Group’s (KTG) mission is to deliver project schedule and cost certainty by employing technology designed by and for the construction industry. Our team deploys apps to the field that increase profitability by maximizing the way we use our people and resources in daily operations. KTG uses the Kiewit Management System (KMS), which includes systems and tools that manage every part of Kiewit’s business and lifecycle of a project, to improve planning and day-to-day execution in the field by giving our people real-time data to make faster, smarter decisions. Every day our employees make an impact the efficiency of the iconic projects Kiewit builds and you can too.


This position is based out of our Kiewit Business Center at 12720 I Street. This is a shared service center in a professional office setting. 


•    Assists with the development of the continuous audit/monitoring program to include designing and analyzing control tests for IT systems and high risk technical areas
•    Works individually and on teams to support the completion of specific tasks within time and budget constraints and interface with the customer/client/stakeholder on a day-to-day basis
•    Apply their expertise to the practical issues they identify or those presented by the customer/client/stakeholder
•    Assist the stakeholders to formulate solutions, prepare deliverables, and documentation
•    Develop and maintain quarterly continuous audit/monitoring updates/reporting 
•    Explain complex information to others, including new controls, requirements and evidence material 
•    Provide audit guidance and respond to customer inquiries, as needed 
•    Assist with documenting and reporting actual or potential information security violations 
•    Provide governance and compliance consulting to the business, and recommend steps to mitigate potential exceptions 
•    Solve problems in straightforward situations and within guidelines 
•    Monitor systems for compliance to Information Security Policy and Standards 
•    Direct the work of staff and review work, deliverables and reports for accuracy and completeness
•    Assist in the coordination and/or perform audit processes against a wide variety of security and privacy regulatory and compliance frameworks for several products
•    Liaise across relevant business, technology, and control functions to prioritize risks, challenge technology risk decisions, assumptions and tolerances, and drive appropriate risk response
•    Contribute to the establishment of metrics and tools to assess and report on inherent risks, control strength and residual risk in a consistent and objective manner
•    Assist with the development and validation of remediation plans for technology deficiencies
•    Improve controls for internal systems, policies and processes
•    Monitor compliance initiatives and control effectiveness
•    Collaborate with internal teams and external auditors throughout compliance, audit, and attestation engagements
•    Stay current on security industry trends, relevant compliance requirements, and security best practices by attending conferences, networking with peers, and other educational opportunities
•    Mentor and train less experienced staff



•    Bachelor’s Degree or higher strongly preferred with experience in IT Audit or Advisory, IT Risk & Compliance, Information Security, Computer Information Systems, or Management Information Systems
•    Minimum of 4 years' experience auditing information systems desired
•    Three or more years in IT Risk, Compliance, Business Continuity/Disaster Recovery, or a combination of in a closely related field
•    Must have and maintain or be able to obtain within one year of employment at least one of the following certification: CISSP, CISA, CRISC or equivalent designation.
•    Demonstrate solid knowledge on technology processes, risks and issues including within infrastructure, information security, SDLC and Enterprise Service Management utilizing various IT controls frameworks (i.e. NIST CSF)
•    Capable of identifying, evaluating and mitigating significant risks within an enterprise
•    Strong working experience with Microsoft Office Suite and GRC tools (i.e. RSA Archer)
•    Ability to document and explain findings, risks and vulnerabilities to both business and technical stakeholders
•    Possess strong influencing, negotiating, and relationship building skill
•    Experience supervising staff
•    Strong oral and written communication skills and the ability to work well with people from many different disciplines with varying degrees of technical experience
•    Possess strong analytical skills and attention to detail
•    Must be able to work independently 
•    Experience with Big 4 or within an internal audit department desired
•    Bachelor’s Degree or higher strongly preferred with experience in IT Audit or Advisory, IT Risk & Compliance, Information Security, Computer Information Systems, or Management Information Systems
•    Must have and maintain or be able to obtain within one year of employment at least one of the following certification: CISSP, CISA, CRISC or equivalent designation.

We are an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

There’s no limit to what you’ll work on at Kiewit. With contracts in different markets and geographic areas, you’ll tackle new challenges all the time. Whether you’re building a facility that can turn water into power or engineering safer infrastructure networks, you’re bound to push the limits of innovation in new and exciting ways.

With Kiewit, you’ll have the potential to work on a variety of projects in seven major markets. From railroads to tunnels, renewable energy to biofuels, you’ll be part of a mission that’s bigger than you can imagine. 

Here, you’ll team up with market experts and gain cross-functional experience — all while helping people across the globe live better.

We offer our fulltime staff employees a comprehensive benefits package that’s among the best in our industry, including top-tier medical, dental and vision plans covering eligible employees and dependents, voluntary wellness and employee assistance programs, life insurance, disability, retirement plans with matching, and generous paid time off.

Nearest Major Market: Omaha
Nearest Secondary Market: Council Bluffs

Job Segment: Risk Management, Compliance, Engineer, Information Systems, Law, Finance, Legal, Engineering, Technology