[Remote] Global Sr GRC Analyst

Note: The job is a remote job and is open to candidates in USA. UGI Corporation is a holding company that distributes and markets energy products and services. They are seeking a Global Senior GRC Analyst to ensure compliance with regulatory obligations and manage organizational risks while collaborating with cross-functional teams to implement governance, risk, and compliance processes.

Responsibilities

• Develop and maintain corporate policies, procedures, and frameworks to align with industry best practices (e.g., NIST CSF, SOX, PCI, etc.).
• Assist with the development and maintenance of GRC process and procedure documentation.
• Ensure IT functions are in compliance with best practices and company policies and standards through assessments (i.e. peer reviews, audits, etc.).
• Track key risk indicators and security metrics.
• Assist with conducting gap assessments to identify threats, vulnerabilities, and potential impacts on the organization.
• Develop and maintain the risk register, ensuring risks are documented, prioritized, and mitigated.
• Perform third-party/vendor risk assessments to evaluate potential risks associated with external partnerships and perform on-going monitoring to assess risk of engagement.
• Maintain centralize documentation, continuous monitoring for vendors, formal escalation protocols for non-compliance to ensure alignment with enterprise risk tolerance.
• Document risk acceptance decisions and compensating controls.
• Develop and maintain templates for consistent risk documentation.
• Assist in evaluating cybersecurity risk on incoming projects.
• Assist and support team in performing cybersecurity due diligence on merger/acquisition targets.
• Ensure compliance with regulatory requirements (e.g., GDPR, HIPAA, SOX, PCI-DSS) and industry standards through monitoring and reporting metrics, security exceptions and using other methods to monitor compliance.
• Drive compliance by maintaining the compliance framework to ensure policies and standards align to regulatory requirements, laws and best practices.
• Collaborate with business units to understand critical processes.
• Educate stakeholders on risk management concepts and frameworks.
• Partner with technical teams to validate remediation plans.
• Present risk findings to appropriate governance committees.
• Coordinate and collaborate with stakeholders to establish and track metrics for governance programs.
• Collaborate with stakeholders to monitor regulatory and industry developments to ensure compliance with changes.
• Coordinate and collaborate with stakeholders to track outcomes and metrics for all third-party breaches.
• Advise stakeholders on compliance requirements and incorporate new metrics into governance life cycle process, including new tools as they are onboarded.
• Coordinate the review of Policies and Standards through collaborating with stakeholders.
• Partner with IT, Legal, HR, and other departments to ensure alignment on risk and compliance efforts.
• Create and deliver regular risk and compliance metrics for senior leadership and boards.
• Serve as a subject matter expert (SME) for GRC-related queries and initiatives.

Skills

• 4–6 years of experience in GRC, risk management, or compliance roles
• Strong understanding of GRC tools and platforms (e.g., RSA Archer, ServiceNow GRC)
• Familiarity with risk management frameworks (e.g., COBIT, FAIR) and compliance standards
• Exceptional analytical, problem-solving, and organizational skills
• Strong written and verbal communication skills, with the ability to interact effectively with stakeholders at all levels
• Advanced degree
• Certifications such as CRISC, CISM, CISA or CISSP

Education Requirements

• Bachelor’s degree in Information Security, Business Administration, or related field

Benefits

• Generous and Family-friendly Health & Welfare Benefits Including: Medical, Vision, and Dental Plans
• Optional Health Savings Account
• Optional Dependent Care Savings Account
• Paid Maternity/Paternity Leave
• Work from home policy
• Employee Assistance Program
• 401K with a generous company match
• Tuition Reimbursement
• Assistance with Professional Credentialing
• Referral Bonuses
• Employee Discount Programs

Company Overview

• UGI Corporation is a holding company that, through subsidiaries operates natural gas and electric utilities. It was founded in 1882, and is headquartered in King Of Prussia, Pennsylvania, USA, with a workforce of 5001-10000 employees. Its website is http://www.ugicorp.com/.

Company H1B Sponsorship

• UGI Corporation has a track record of offering H1B sponsorships, with 1 in 2024, 1 in 2023, 1 in 2022, 3 in 2021. Please note that this does not guarantee sponsorship for this specific role.

Apply tot his job Apply To this Job