Information Security Governance Risk

5 days ago

Harrisburg, PA, United States PSECU Full time
Members Achieve More isn't just a tagline for us, it's part of everything we do We're looking for passionate individuals to join our team to help us maintain that focus every day. Want to work somewhere that's remained strong for 90 years, that encourages you to learn, grow, and pursue your dreams? If yes, then read on...

The Information Security GRC Analyst is responsible for analyzing and assessing the information security controls in an effort to protect the confidentiality, integrity, and availability of PSECU's information. The individual is responsible for ensuring network and cloud security access and for implementing and documenting measures to safeguard the network against accidental or authorized modifications, destruction, or disclosure.

The level for this position will be determined based on the selected candidate's experience.

Schedule: Monday - Friday, 9:00am -5:00pm. This position will be a hybrid model both in person and remote with minimum of onsite expectation of 40% or as needed.

In this position, you will
  • Monitor Compliance: Assist in protecting the integrity, availability and confidentiality of network resources and data. Assist in the development and enforcement of security policies, standards, and procedures. Participate in network, system, and application vulnerability assessments, generate report findings, and oversee remediation activities. Participate in the monitoring and periodic testing of IT compliance controls to ensure ongoing adherence to PSECU policies, standards, and industry frameworks for both cloud and on-prem solutions.
  • Control and Risk Assessments: Perform or coordinate control testing, assessments, and monitoring to ensure that Information Technology processes and controls are effective, functioning as designed, and managed to the appropriate level of risk. Coordinate IT self-assessment compliance reviews based on regulatory, industry standards, and internal policy requirements. Evaluate any related external frameworks or standards ((e.g., ITIL, COBIT, National Institute of Standards and Technology [NIST], ISO 27002, Center for Internet Security Critical Security Controls (SANS 20) etc.) or internal policies/standards (e.g., code of conduct, record retention, and acceptable use, etc.) to determine the relevant IT compliance requirements and controls. Conduct risk assessments to identify gaps in the control structure.
  • Vendor Due Diligence: Participate in the vendor management and due diligence process. Consult with business units when negotiating and contracting third-party service provider arrangements to ensure associated information security risks are considered. Perform necessary due diligence activities to determine third-party adherence with IT compliance requirements prior to establishing a business relationship.
  • Incident Response: Participate in or conduct incident response investigations by using and understanding PSECU's Incident Management procedures. Participate in the Incident Management Program in order to plan and respond effectively to a compromise of PSECU's IT infrastructure or to an unauthorized access and/or disclosure of sensitive company, member, or employee data. Review SIEM, operational logs, and event console activity to identify and determine the cause of security related events.
  • Awareness Program: Assist in developing Information Security and Privacy Awareness content employees, members. Assist in socializing PSECU Policies and Standards to PSECU employees.
  • Internal Audit Coordination: Collect evidence for internal and external audits. Research and respond to internal and external audit finding
  • Other duties as assigned.


Qualifications: Required & Preferred
BS, BS: Computer and Information Science

Reasonable accommodation may be made to enable a qualified individual with a disability or disabilities to perform the essential duties and responsibilities of the job.

Physical Demands and Sensory Abilities:

Repetitive movement of hands and fingers (e.g. typing, writing).

Lifting and carrying containers weighing as much as 20-30 pounds (e.g. to/from building and vehicle to a storage area).

Sitting for long periods of time (e.g. at a desk, in meetings).

Ability to reach above, at, and below the waist.

Ability to reach above, at, and below shoulder level.

Occasional bending, kneeling, stooping and/or squatting.

Visual acuity.

Auditory acuity.

  • Sr. Sales Executive, Government Risk

    1 week ago

    Harrisburg, PA, United States Thomson Reuters Full time

    Sr. Sales Executive Are you passionate about the chance to bring your sales experience to a world class company that is market leading for both content and technology? We're looking for an experienced Senior Sales Executive to join our Government Risk & Fraud team. With a focus on identity fraud, program integrity and investigative markets, the Government...

  • Sr. Sales Executive, Government Risk

    2 weeks ago

    Harrisburg, PA, United States Thomson Reuters Full time

    Sr. Sales Executive Are you passionate about the chance to bring your sales experience to a world class company that is market leading for both content and technology? We're looking for an experienced Senior Sales Executive to join our Government Risk & Fraud team. With a focus on identity fraud, program integrity and investigative markets, the Government...

  • Regional Manager, Data Center Security Risk Assessments

    1 week ago

    Harrisburg, PA, United States Oracle Full time

    Job Description SUMMARY: The Physical Security Operations team serves as the primary point of contact for all stakeholders, ensuring that physical security requirements and expectations are consistently met through high-quality, industry-standard programs and services. Oracle is seeking a security professional to join our team supporting both company-owned...

  • GRC Security Architect

    2 weeks ago

    Harrisburg, PA, United States PSI Services Full time

    Description Title: GRC Security Architect Location: Remote-US Salary: Up to $150K About PSI Join Us at PSI - Where You Belong, Grow, and Thrive! At PSI, we believe that people achieve their best when they feel they truly belong. That's why fairness and opportunity are at the heart of everything we do - not just words, but values deeply embedded in our...

  • Manager, Government Financial Compliance

    2 weeks ago

    Harrisburg, PA, United States CBRE Full time

    Manager, Government Financial Compliance Job ID 240421 Posted 03-Oct-2025 Service line Corporate Segment Role type Full-time Areas of Interest Accounting/Finance, Legal Location(s) Remote - US - Remote - US - United States of America About The Role: As a CBRE Manager of Government Financial Compliance, you will provide oversight of financial compliance...

  • Business Risk Partner-ALM

    1 week ago

    Harrisburg, PA, United States UMB Bank Full time

    Enterprise and Operational Risk partners with UMB management in its obligation to effectively manage operational, compliance and other related risks within the UMB family of corporations. This team provides timely, accurate, and seasoned judgment related to operational, regulatory compliance risk, suggests strategies for mitigating risk, promotes a strong...

  • Associate Data Governance Consultant

    2 days ago

    Harrisburg, PA, United States Highmark Health Full time

    Company : Allegheny Health Network Job Description : JOB SUMMARY This job understands end-to-end data processes and flows and uses that knowledge to design and implement data management solutions. Provides business process, system support and data quality governance through data coordination and integration to ensure efficient processes and consistent data...

  • Associate Data Governance Consultant

    1 day ago

    Harrisburg, PA, United States Highmark Health Full time

    Company : Allegheny Health Network Job Description : JOB SUMMARY This job understands end-to-end data processes and flows and uses that knowledge to design and implement data management solutions. Provides business process, system support and data quality governance through data coordination and integration to ensure efficient processes and consistent data...

  • Senior Security Engineer

    5 days ago

    Harrisburg, PA, United States Hudson Manpower Full time

    We are looking for a hands on WorkDay developer. This person will fully understand how the HCM modules work and will be able to customize workflows and finetune the system. They will be highly focused on Performance Management and Performance Metrics within workday. Job Description: Experience with industry standard Red Team testing tools (Cobalt Strike,...

  • Market Risk Partner

    2 weeks ago

    Harrisburg, PA, United States Highmark Health Full time

    Company : Highmark Inc. Job Description : JOB SUMMARY This job supports the Underwriting department and applies actuarial techniques and statistical analysis to several functions, including insurance premium and pricing development, claim trend analysis, experience studies, medical economics, profitability analysis, wellness studies, predictive modeling,...