IT Governance, Risk & Compliance Analyst in Winona, Minnesota at Fastenal
Salary: $55000 - $75000
Employment Type: Full-Time
Fastenal
Winona, Minnesota, 55987, United States
Job Description
IT Governance, Risk & Compliance Analyst
212 W 2nd St, Winona, MN 55987
Full-time Shift(s): MON TUE WED THU FRI 8:00am - 5:00pm
OVERVIEW:
Working as a full-time IT Governance, Risk & Compliance Analyst, you will support the assurance of IT GRC across the organization to ensure continuous compliance with industry laws, regulations, frameworks and agreed IT standards, policies and methodologies, to effectively manage risk, and maintain effective governance practices. This position will provide guidance to various stakeholders within IT and the organization, assessing processes and controls, and implementing those processes and controls to drive a culture of quality, standardization and compliance. The role involves an auditing component supporting and assessing compliance of a diverse range of IT-related activities and concerns.
RESPONSIBILITIES:
The duties and responsibilities of this position include, but are not limited to:
o Supporting the development and implementation of IT GRC frameworks, plans, policies, and procedures. Ensuring alignment with industry best practices and regulatory requirements.
o Supporting industry/regulatory control frameworks, security standards and assessments (PCI DSS, ISO 2700x, SOC 2, Data Privacy (GDPR, CCPA)) and internal/external audit engagements when necessary.
o Assisting in the completion of internal IT security and risk audits and associated remedial actions across the organization. Providing documentation, evidence, and insights to support audit processes.
o Tracking and following up on audit findings, ensuring timely remediation.
o Collaborating with cross-functional teams and broader organizational areas, such as security, IT, finance, legal, and internal audit, to ensure a coordinated and integrated approach to IT governance, risk, and compliance initiatives and activities.
o Providing guidance on compliance matters and supporting risk management activities.
o Monitoring emerging trends, technologies, and regulatory changes affecting IT GRC and assessing their impact on the organization. Identifying opportunities to enhance GRC practices, streamline processes, and implement automation or digital tools to improve efficiency and effectiveness.
o Assisting in the preparation of reports and presentations for management and stakeholders on compliance status, risk exposure, and recommended actions. Utilizing GRC toolsets for management and reporting.
o Participating in incident response activities related to governance, risk, and compliance.
o Assisting in the development of training programs to educate employees about compliance requirements, risk management, and governance principles. Promoting awareness of compliance obligations and fostering a culture of ethics and accountability within the organization.
REQUIRED POSITION QUALIFICATIONS:
The following skills and qualifications are required for this position:
o Possess a Bachelor's degree in Computer Science, MIS, Organization or related field of study
o Proficiency with Microsoft Office products and strong PC skills
o Demonstrate an understanding of information security concepts and principles
o Passion for information risk and security - eager to learn, with a strong drive and enthusiasm for the subject
o Strong problem-solving, planning, and continuous improvement skills
o Excellent organizational, analytical and oral and written communication skills
o Independent-minded, objective and rational
o High standards of personal integrity, trustworthiness and discretion.
o Communicate technical concepts to non-technical audiences in addition to having an analytical and detail-oriented approach to problem solving
o Organized and proactive in managing a varied workload is key to being successful in the role.
o Pass the required drug screen and background check (applicable in the US, Puerto Rico, and Guam ONLY)
ABOUT US:
Since 1967 Fastenal has grown as a distributor of industrial and construction supplies from a single branch to approximately 3,000 servicing locations, each providing tailored local inventory and personal service for our customers. As we've expanded across the world, we've retained a core belief in people and their ability to accomplish remarkable things - if given the opportunity. From this philosophy stems an entrepreneurial culture that challenges every employee to run their own business, create their own success, and advance to become company leaders.
As a growth company with a solid financial position, we are committed to training, promoting from within, and creating opportunities for our employees. If you have an entrepreneurial spirit and are looking to make your mark as part of an elite growth company, you won't find a better fit than Fastenal.
FULL-TIME BENEFITS:
Fastenal offers a competitive benefits package to all full-time employees. This package includes Health, Life, Long Term Disability, and Dental Insurance, in addition to paid vacation, sick leave, holidays, and 401(k) with an employer contribution.
COMPENSATION:
The base pay range for this position is $55,000 - $75,000. In addition to base pay, this position is also eligible for a bonus and/or commission.
Position Details - IT Governance, Risk & Compliance Analyst
| Job ID | 627398 |
| Title | IT Governance, Risk & Compliance Analyst |
| Type | Full-time |
| Location | Winona, MN 55987 |
| Departments | Information Technology |
| Date Published | June 9, 2026 |
| End Date | 06-19-2026 |
Please respond by 06-19-2026.
Equal Opportunity Employer