Who we are:
Illumia is an industry leader in bringing the best integrated technology solutions to education, healthcare, and business campuses worldwide. Illumia was built on the collective expertise of two legacy cultures, and brings together people, technology, and insight to pioneer the art of the experience across the communities we serve. Be a part of this exciting organization and improving the lives of people doing mission-critical work.
Why join our team?
We strive to provide the best customer experience in the industry and have succeeded with a single, strong motivating principle: We serve our user community.
Our success and growth are directly attributed to our people. Our newly named company is dedicated to fostering a culture of integrity, respect, and continuous personal development. We maintain an entrepreneurial spirit, where creativity, innovative problem-solving, and learning agility drive our day-to-day actions.
What you will be doing:
Job Summary / Purpose:
We are seeking an experienced detail-oriented and proactive Business Risk Analyst to support the organization’s information security compliance, GRC workflow, and risk management initiatives. This role will play a key part in maintaining adherence to regulatory frameworks, assisting with security control KPIs, coordinating audit activities, and managing risk issues and action plans. The ideal candidate will have experience performing risk assessments, developing and/or managing business continuity plans, working with external auditors and cybersecurity frameworks.
Who you will work with:
- Work closely with IT, HR, Legal, Product, Cloud Services, and Engineering teams to align risk strategies with business objectives
- Track compliance status, action items, and report progress via KPIs to management on a regular basis
- Prepare risk reports and dashboards for senior leadership and internal committees
- Assist with the development and maintenance of risk registers and track mitigation plans
- Support the execution of risk assessments and security control reviews across business units and IT environments
- Assist in compliance efforts of evidence collection and control testing projects with third-party auditors and internal assessments
- Maintain organized documentation for audit readiness and compliance tracking
- Coordinate with internal teams to gather responses to auditor inquiries and remediate identified gaps
- Assist and evaluate third-party vendor and partner workflows and document initial and ongoing third-party due diligence
- Help evaluate the effectiveness of technical and administrative security controls
- Assist with the development and maintenance of compliance-related policies, standards, and procedures
- Works independently with clear direction and flags issues early to maintain momentum.
What You’ll Bring:
Required Qualifications
- 5+ years of experience in information security, risk management, or compliance.
- Working knowledge of SOC 2, PCI DSS, HIPAA, GovRAMP, NIST CSF or similar frameworks.
- Prior experience managing process workflows within TPRM due diligence cycles and vendor/partner onboarding.
- Experience tracking and analyzing external audits, KPIs, and compliance evidence collection with attention to detail.
- Strong analytical, communication, and project management skills.
- Ability to communicate clearly with technical and non-technical stakeholders.
Preferred Qualifications
- Familiarity with AuditBoard/Optro or similar GRC platforms and documentation tools is a plus.
Essential Functions of the job:
The duties and responsibilities described in this job description are intended to represent the essential functions of the position as defined under applicable federal, state, and local labor laws, including the Americans with Disabilities Act (ADA). These functions are the fundamental job duties required for successful performance.
Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions unless such accommodations impose an undue hardship on the organization.
This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities. Duties may be added, removed, or modified at any time in accordance with business needs and applicable law.
What is good to know:
This is a fast-paced and exciting position that will be delivered predominately remotely but some travel may be required.
Competencies and Behaviors
- Key core competencies: time management, process improvement, critical thinking, root cause analysis, cross-department collaboration, adaptability, and problem-solving.
- Professional Behaviors: integrity & ethical judgment, business acumen, learning agility, initiative & ownership, and internal/external customer service orientation.
This position is classified as Exempt under the Fair Labor Standards Act (FLSA) and applicable state wage-and-hour laws.
What you get when you join our team:
- Flexible time off to include paid holidays and volunteer time.
- Robust health, dental, and vision insurance plans on your first day of employment
- Comprehensive employee assistance program (EAP)
- Employer-paid life insurance/AD&D/short-term and long-term disability insurance
- Flexible spending account (FSA) or health savings account (HSA)
- Matched 401(k)
- Employee stock purchase plan
Base salary offers for this position may vary based on factors such as location, skills, and relevant experience. Some positions may include additional compensation in the form of bonus, equity, or commissions.
Illumia is an equal employment opportunity employer and considers qualified applicants for employment without regard to race, gender, age, religion, national origin, marital status, disability, sexual orientation, protected military/veteran status, or any other protected factor.
Skills Required
- 5+ years of experience in information security, risk management, or compliance.
- Working knowledge of SOC 2, PCI DSS, HIPAA, GovRAMP, NIST CSF or similar frameworks.
- Prior experience managing process workflows within TPRM due diligence cycles and vendor/partner onboarding.
- Experience tracking and analyzing external audits, KPIs, and compliance evidence collection.
- Strong analytical, communication, and project management skills.
- Ability to communicate clearly with technical and non-technical stakeholders.
- Familiarity with AuditBoard/Optro or similar GRC platforms and documentation tools.
What We Do
Through transformative payments and credential-driven transactions and privileges, Transact partners with institutions to help them make their student and family experience mobile-centric, personal and individualized, and completely connected all across campus. Our open enterprise-class cloud platform enables mission-critical capabilities that translate into superior student and family experiences, integration with every aspect of campus life, and richer institutional insight. Build the type of connected campus experience students and families expect with integrated tuition and fee payments, comprehensive dining and retail credential-driven transactions, configurable security and privilege management, and automated attendance and events. At each interaction across these capabilities, capture meaningful data so campus leaders can make informed decisions and take proactive action. And easily integrate with your campus systems and partners with a broad, open ecosystem, maximizing existing investments, evolving quickly, and delivering a personalized solution. https://twitter.com/TransactCampus https://www.facebook.com/pg/transactcampus https://www.youtube.com/channel/UCMuLT44Wkw7MPUhmof_6hvQ








