Job Description
Note: The job is a remote job and is open to candidates in USA. UGI Corporation is a holding company that distributes and markets energy products and services. They are seeking a Global Senior GRC Analyst to ensure compliance with regulatory obligations and manage organizational risks while collaborating with cross-functional teams to implement governance, risk, and compliance processes. Responsibilities β’ Develop and maintain corporate policies, procedures, and frameworks to align with industry best practices (e.g., NIST CSF, SOX, PCI, etc.). β’ Assist with the development and maintenance of GRC process and procedure documentation. β’ Ensure IT functions are in compliance with best practices and company policies and standards through assessments (i.e. peer reviews, audits, etc.). β’ Track key risk indicators and security metrics. β’ Assist with conducting gap assessments to identify threats, vulnerabilities, and potential impacts on the organization. β’ Develop and maintain the risk register, ensuring risks are documented, prioritized, and mitigated. β’ Perform third-party/vendor risk assessments to evaluate potential risks associated with external partnerships and perform on-going monitoring to assess risk of engagement. β’ Maintain centralize documentation, continuous monitoring for vendors, formal escalation protocols for non-compliance to ensure alignment with enterprise risk tolerance. β’ Document risk acceptance decisions and compensating controls. β’ Develop and maintain templates for consistent risk documentation. β’ Assist in evaluating cybersecurity risk on incoming projects. β’ Assist and support team in performing cybersecurity due diligence on merger/acquisition targets. β’ Ensure compliance with regulatory requirements (e.g., GDPR, HIPAA, SOX, PCI-DSS) and industry standards through monitoring and reporting metrics, security exceptions and using other methods to monitor compliance. β’ Drive compliance by maintaining the compliance framework to ensure policies and standards align to regulatory requirements, laws and best practices. β’ Collaborate with business units to understand critical processes. β’ Educate stakeholders on risk management concepts and frameworks. β’ Partner with technical teams to validate remediation plans. β’ Present risk findings to appropriate governance committees. β’ Coordinate and collaborate with stakeholders to establish and track metrics for governance programs. β’ Collaborate with stakeholders to monitor regulatory and industry developments to ensure compliance with changes. β’ Coordinate and collaborate with stakeholders to track outcomes and metrics for all third-party breaches. β’ Advise stakeholders on compliance requirements and incorporate new metrics into governance life cycle process, including new tools as they are onboarded. β’ Coordinate the review of Policies and Standards through collaborating with stakeholders. β’ Partner with IT, Legal, HR, and other departments to ensure alignment on risk and compliance efforts. β’ Create and deliver regular risk and compliance metrics for senior leadership and boards. β’ Serve as a subject matter expert (SME) for GRC-related queries and initiatives. Skills β’ 4β6 years of experience in GRC, risk management, or compliance roles β’ Strong understanding of GRC tools and platforms (e.g., RSA Archer, ServiceNow GRC) β’ Familiarity with risk management frameworks (e.g., COBIT, FAIR) and compliance standards β’ Exceptional analytical, problem-solving, and organizational skills β’ Strong written and verbal communication skills, with the ability to interact effectively with stakeholders at all levels β’ Advanced degree β’ Certifications such as CRISC, CISM, CISA or CISSP Education Requirements β’ Bachelorβs degree in Information Security, Business Administration, or related field Benefits β’ Generous and Family-friendly Health & Welfare Benefits Including: Medical, Vision, and Dental Plans β’ Optional Health Savings Account β’ Optional Dependent Care Savings Account β’ Paid Maternity/Paternity Leave β’ Work from home policy β’ Employee Assistance Program β’ 401K with a generous company match β’ Tuition Reimbursement β’ Assistance with Professional Credentialing β’ Referral Bonuses β’ Employee Discount Programs Company Overview β’ UGI Corporation is a holding company that, through subsidiaries operates natural gas and electric utilities. It was founded in 1882, and is headquartered in King Of Prussia, Pennsylvania, USA, with a workforce of 5001-10000 employees. Its website is Company H1B Sponsorship β’ UGI Corporation has a track record of offering H1B sponsorships, with 1 in 2024, 1 in 2023, 1 in 2022, 3 in 2021. Please note that this does not guarantee sponsorship for this specific role. Apply tot his job