Are you passionate about ensuring regulatory compliance and staying ahead of emerging trends?
Join our team as a Governance Risk and Compliance Analyst! Reporting to the Data Protection and Compliance Manager, you'll play a crucial role in developing and maintaining a robust compliance program. You'll ensure our organization meets all applicable regulations and statutory requirements while keeping an eye on the latest industry trends. Your expertise will help shape our policies and procedures, ensuring continued compliance and effectiveness. Plus, you'll have the opportunity to represent Global Compliance interests in various projects and committees.
If you're ready to make a significant impact, we want to hear from you!
What will you do?
- Establish a strong understanding of organizational compliance obligations (PCI DSS, GDPR, HIPAA, CCPA/CPRA, COPPA, etc.).
- Lead Governance Risk and Compliance projects and provide direction to others.
- Perform ongoing monitoring and testing of compliance and security controls to ensure effectiveness.
- Conduct targeted risk and compliance assessments across business processes and IT systems, including third-party risk assessments.
- Maintain and update the risk register with identified risks, controls, and mitigation strategies.
- Support third-party vendor risk assessments, contract reviews, and ongoing monitoring.
- Collaborate with IT, Security, and Legal teams to ensure compliance requirements are met.
- Draft and improve policies, procedures, and standards in alignment with compliance frameworks.
- Research and monitor regulatory changes; summarize and communicate impacts to stakeholders.
- Contribute to data governance initiatives such as data classification and data protection standards.
- Assist in the creation, management, and testing of DLP policies to align with compliance and data protection requirements.
- Support the administration of compliance tools and platforms used for evidence collection and reporting.
- Prepare compliance reports and summaries for management, highlighting risks, control testing results, and compliance status.
- Document and maintain evidence libraries to support repeatable compliance and audit cycles.
- Map business and IT processes to applicable regulatory and security controls to ensure coverage.
- Participate in compliance-related meetings, workshops, and stakeholder sessions to align on requirements.
- Support GRC program development by contributing to metrics, dashboards, and maturity assessments.
- Perform other assigned duties as requested to support the GRC program.
What are we looking for?
- Bachelor’s degree in business, finance, or a related field, or a combination of education/training with relevant experience.
- CIPP Certification preferred.
- 2 plus years of compliance and/or risk management experience preferred. Knowledge of information security a plus.
- Excellent knowledge of common software programs such as Microsoft Office, Visio, Project, and SharePoint.
- Comfortable communicating with individuals at all levels across the Ministry.
- Requires well developed communication, business, and technical skills.
- Strong written and verbal communication skills.
- Requires proven and effective team leadership and collaboration skills, with the ability to work effectively with others through conflicting pressures and priorities while resolving complex issues.
- Excellent interpersonal skills with the ability to develop sincere business/Ministry relationships.
- Demonstrated ability to work independently, establishing and meeting performance/Ministry goals.
- Exhibits versatility and flexibility. Regularly adapts to change while maintaining a positive attitude and high productivity.
- Demonstrated ability to represent Ministry and executive staff professionally and maintain confidentiality.
What can we offer you?
- Industry-leading Medical, Dental & Vision coverage
- Short/long term disability and life insurance
- Robust 401K with company match
- Parental leave with Baby Bonding pay
- Generous PTO, holiday and sick pay
- Unique company culture that includes exclusive access to concerts, movie premieres, media industry events, and more
- Leadership and Career Development Programs including free access to LinkedIn Learning platform
Why work for K-LOVE?
K-LOVE is a nonprofit, multi-platform media company on a mission to draw people closer to Christ. Founded in 1982 in Santa Rosa, CA, with a single radio station, K-LOVE today owns and operates the nation's two largest Christian music radio networks (K-LOVE and Air1) with over 1,000 broadcast signals across all 50 states and beyond, streaming audio reaching around the world, and a growing family of media ministries including podcasts, books, films, concerts, and events. EMF employs nearly 500 team members between its offices in Nashville, TN, Rocklin, CA, and field locations around the country. You can view our mission and values here: Mission, Beliefs & Values.
“As an Equal Opportunity Employer, EMF makes employment decisions based on merit and other legitimate reasons. The Company is committed to a diverse and inclusive work environment and the promotion of equal employment opportunities regardless of protected class, characteristic or status. However, EMF is also a religious non-profit organization where all team members contribute to the Company’s mission of encouraging our audiences “to have a meaningful relationship with Christ.” Therefore, pursuant to the Civil Rights Act of 1964, Section 702 (42 U.S.C. 2000e I(a)), EMF has the right to hire only candidates who agree with the Company’s Statement of Faith. Also, as a religious non-profit organization, the Company is not governed by the CA Fair Employment and Housing Act.”