<p>Description</p> <p>About USANA</p> <p>Since 1992, USANA has provided the world with the highest-quality products focused on nutritional supplements, skincare, and a healthy lifestyle. But our commitment to excellence goes far beyond our products. USANA is dedicated to share our vision of health by empowering a global family of incredible employees based in more than 20 different markets around the world.</p> <p>Community is at our core. It is our commitment to always strive to be open-minded listeners, hold ourselves and others accountable, be respectful, and celebrate the strength that comes from collaboration. Through initiatives like our Diversity, Equity, and Inclusion Council, we create a company culture where all members of the USANA Family feel cared for, included, and valued.</p> <p>USANA has repeatedly been named one of Utah's Best Companies to Work For by Utah Business magazine, one of America's Best Companies to Work For by Outside Magazine, one of the Best Places to Work for in the Direct Selling Industry by Direct Selling News, and named a top employer by Best of State.</p> <p>Who We Are Looking For</p> <p>We are looking for a motivated individual to join the USANA's security team as a cybersecurity GRC analyst. In this position, you will conduct cyber risk assessments, implement risk mitigation strategies, enforce security policies, and oversee user awareness training. You will also serve as the primary liaison to internal audit teams, work closely on PCI compliance efforts, and assist with developing key cybersecurity metrics.</p> <p>What You Will Do as USANA's Cybersecurity GRC Analyst</p> <ul> <li>Maintain cybersecurity policies, standards, and procedures in alignment with industry frameworks and regulatory requirements </li><li>Conduct risk assessments, security control evaluations, and gap analyses to identify and mitigate cybersecurity risks </li><li>Support internal and external audits, ensuring compliance with frameworks such as NIST CSF, ISO 27001, CIS Controls, SOC 2, and regulatory obligations </li><li>Assist in the management of third-party risk assessments and vendor security evaluations </li><li>Track, monitor, and report on cybersecurity risks, controls, and compliance metrics </li><li>Work with cross-functional teams to integrate security controls into business processes and IT operations </li><li>Develop and maintain risk registers, compliance documentation, and audit evidence repositories </li></ul> <p>Background and Skills You Will Need</p> <ul> <li>Bachelor's degree in Cybersecurity, Information Technology, or a related field preferred </li><li>1+ years of experience in cybersecurity governance, risk management, and compliance </li><li>Experience in conducting risk assessments, developing security policies, and managing security awareness training </li><li>Experience working with regulatory frameworks such as PCI-DSS, GDPR, CCPA, and SOX </li><li>Understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, PCI-DSS) </li><li>Experience managing vendor risk, including third-party assessments </li></ul> <p>Benefits of Being Part of the USANA Family</p> <p>We offer incredible benefits like health, dental, vision, life, and disability insurance; on-site medical and mental health clinic, chiropractic visits, massages, fitness classes, and a full-service gym; free and discounted USANA product; 401k match and profit-sharing bonuses; internal and external opportunities for learning and development; paid parental leave for both primary and secondary caregivers, and generous paid time-off to help you balance work and home!</p> <p>__</p> <p>USANA Health Sciences, Inc. will never ask candidates to submit personal identifiable information via email or attachments. Such information will be only be collected by candidates logging into and submitting through our secure HR management portal. If you are requested to provide information via an unsecure source, please delete the email and contact USANA directly.</p>