×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security IT Business Analyst

Global Cybersecurity Senior GRC Analyst

Job in Reading, Berks County, Pennsylvania, 19610, USA
Listing for: UGI Utilities, Inc.
Full Time position
Listed on 2026-06-06
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Business Analyst
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Job Summary

The Global Cybersecurity Senior GRC Analyst plays a critical role in ensuring that the organization operates within its regulatory, legal, and compliance obligations while managing risk effectively. The Global GRC Senior Analyst will report directly to the Global Cybersecurity Governance, Risk and Compliance Manager. This role involves collaborating with cross‑functional teams to design, implement, and maintain governance, risk, and compliance processes.

The ideal candidate is detail‑oriented, analytical, and experienced in regulatory compliance, risk management frameworks, and governance best practices and must develop and apply continuous improvement strategies in all aspects of the job function.

Key Responsibilities Governance
  • Develop and maintain corporate policies, procedures, and frameworks to align with industry best practices (e.g., NIST CSF, SOX, PCI, etc.).
  • Assist with the development and maintenance of GRC process and procedure documentation.
  • Ensure IT functions are in compliance with best practices and company policies and standards through assessments (i.e., peer reviews, audits, etc.).
  • Track key risk indicators and security metrics.
Risk Management
  • Assist with conducting gap assessments to identify threats, vulnerabilities, and potential impacts on the organization.
  • Develop and maintain the risk register, ensuring risks are documented, prioritized, and mitigated.
  • Perform third‑party/vendor risk assessments to evaluate potential risks associated with external partnerships and perform ongoing monitoring to assess risk of engagement.
  • Maintain centralized documentation, continuous monitoring for vendors, formal escalation protocols for non‑compliance to ensure alignment with enterprise risk tolerance.
  • Document risk acceptance decisions and compensating controls.
  • Develop and maintain templates for consistent risk documentation.
  • Assist in evaluating cybersecurity risk on incoming projects.
  • Assist and support team in performing cybersecurity due diligence on merger/acquisition targets.
Compliance
  • Ensure compliance with regulatory requirements (e.g., GDPR, HIPAA, SOX, PCI‑DSS) and industry standards through monitoring and reporting metrics, security exceptions and other methods to monitor compliance.
  • Drive compliance by maintaining the compliance framework to ensure policies and standards align to regulatory requirements, laws and best practices.
Stakeholder Engagement
  • Collaborate with business units to understand critical processes.
  • Educate stakeholders on risk management concepts and frameworks.
  • Partner with technical teams to validate remediation plans.
  • Present risk findings to appropriate governance committees.
  • Coordinate and collaborate with stakeholders to establish and track metrics for governance programs.
  • Collaborate with stakeholders to monitor regulatory and industry developments to comply with changes.
  • Coordinate and collaborate with stakeholders to track outcomes and metrics for all third‑party breaches.
  • Advise stakeholders on compliance requirements and incorporate new metrics into governance lifecycle process, including new tools as they are onboarded.
  • Coordinate the review of policies and standards through collaborating with stakeholders.
Collaboration and Reporting
  • Partner with IT, Legal, HR, and other departments to ensure alignment on risk and compliance efforts.
  • Create and deliver regular risk and compliance metrics for senior leadership and boards.
  • Serve as a subject matter expert (SME) for GRC‑related queries and initiatives.
Qualifications

Education and Experience
  • Bachelor’s degree in Information Security, Risk Management, Computer Science, or related field, preferred.
  • At least 4 years of experience in GRC, risk management, or compliance roles.
Skills and Competencies
  • Strong understanding of GRC tools and platforms (e.g., RSA Archer, Service Now GRC).
  • Familiarity with risk management frameworks (e.g., COBIT, FAIR) and compliance standards.
  • Exceptional analytical, problem‑solving, and organizational skills.
  • Strong written and verbal communication skills, with the ability to interact effectively with stakeholders at all levels.
  • Certifications such as CRISC, CISM, CISA or CISSP highly…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search