[Remote] Global Sr GRC Analyst

Note: The job is a remote job and is open to candidates in USA. UGI Corporation is a holding company that distributes and markets energy products and services. They are seeking a Global Senior GRC Analyst to ensure compliance with regulatory obligations and manage organizational risks while collaborating with cross-functional teams to implement governance, risk, and compliance processes. Responsibilities • Develop and maintain corporate policies, procedures, and frameworks to align with industry best practices (e.g., NIST CSF, SOX, PCI, etc.). • Assist with the development and maintenance of GRC process and procedure documentation. • Ensure IT functions are in compliance with best practices and company policies and standards through assessments (i.e. peer reviews, audits, etc.). • Track key risk indicators and security metrics. • Assist with conducting gap assessments to identify threats, vulnerabilities, and potential impacts on the organization. • Develop and maintain the risk register, ensuring risks are documented, prioritized, and mitigated. • Perform third-party/vendor risk assessments to evaluate potential risks associated with external partnerships and perform on-going monitoring to assess risk of engagement. • Maintain centralize documentation, continuous monitoring for vendors, formal escalation protocols for non-compliance to ensure alignment with enterprise risk tolerance. • Document risk acceptance decisions and compensating controls. • Develop and maintain templates for consistent risk documentation. • Assist in evaluating cybersecurity risk on incoming projects. • Assist and support team in performing cybersecurity due diligence on merger/acquisition targets. • Ensure compliance with regulatory requirements (e.g., GDPR, HIPAA, SOX, PCI-DSS) and industry standards through monitoring and reporting metrics, security exceptions and using other methods to monitor compliance. • Drive compliance by maintaining the compliance framework to ensure policies and standards align to regulatory requirements, laws and best practices. • Collaborate with business units to understand critical processes. • Educate stakeholders on risk management concepts and frameworks. • Partner with technical teams to validate remediation plans. • Present risk findings to appropriate governance committees. • Coordinate and collaborate with stakeholders to establish and track metrics for governance programs. • Collaborate with stakeholders to monitor regulatory and industry developments to ensure compliance with changes. • Coordinate and collaborate with stakeholders to track outcomes and metrics for all third-party breaches. • Advise stakeholders on compliance requirements and incorporate new metrics into governance life cycle process, including new tools as they are onboarded. • Coordinate the review of Policies and Standards through collaborating with stakeholders. • Partner with IT, Legal, HR, and other departments to ensure alignment on risk and compliance efforts. • Create and deliver regular risk and compliance metrics for senior leadership and boards. • Serve as a subject matter expert (SME) for GRC-related queries and initiatives. Skills • 4–6 years of experience in GRC, risk management, or compliance roles • Strong understanding of GRC tools and platforms (e.g., RSA Archer, ServiceNow GRC) • Familiarity with risk management frameworks (e.g., COBIT, FAIR) and compliance standards • Exceptional analytical, problem-solving, and organizational skills • Strong written and verbal communication skills, with the ability to interact effectively with stakeholders at all levels • Advanced degree • Certifications such as CRISC, CISM, CISA or CISSP Education Requirements • Bachelor’s degree in Information Security, Business Administration, or related field Benefits • Generous and Family-friendly Health & Welfare Benefits Including: Medical, Vision, and Dental Plans • Optional Health Savings Account • Optional Dependent Care Savings Account • Paid Maternity/Paternity Leave • Work from home policy • Employee Assistance Program • 401K with a generous company match • Tuition Reimbursement • Assistance with Professional Credentialing • Referral Bonuses • Employee Discount Programs Company Overview • UGI Corporation is a holding company that, through subsidiaries operates natural gas and electric utilities. It was founded in 1882, and is headquartered in King Of Prussia, Pennsylvania, USA, with a workforce of 5001-10000 employees. Its website is http://www.ugicorp.com/. Company H1B Sponsorship • UGI Corporation has a track record of offering H1B sponsorships, with 1 in 2024, 1 in 2023, 1 in 2022, 3 in 2021. Please note that this does not guarantee sponsorship for this specific role. Apply tot his job Apply To this Job