GRC Security Analyst II
Aqua America
Essential Utilities, Inc. Job Title: GRC Security Analyst II (Governance & Risk) Responsibilities Manage execution of both enterprise-wide and focused risk, threat, and vulnerability assessments, including but not limited to Security Awareness, Vulnerability, Configuration, and Third-Party Assessments. Analyze and prioritize risk, vulnerability, and compliance findings to define remediation priorities considering all available data sources; partnering with technology and business stakeholders to socialize and implement remediation plans. Define and manage qualitative and quantitative metrics and reporting to measure the success of vulnerability, third party, security awareness, security awareness, configuration, and asset management remediations. Ability to lead ongoing vulnerability management processes, including working with IT and business stakeholders to prepare vulnerability remediation plans, track progress, and reduce overall vulnerability exposures. Participate in development, implementation and operation of control/compliance frameworks and security best practices based on ISO 27001/27002, NIST (800‑30, Cyber Security Framework/CSF), COBIT, Critical Security Controls, CIS Configuration Benchmarks. Monitor compliance with security configuration standards for servers, endpoints, software, and networking platforms based on CIS Benchmarks. Work closely with IT, development, and operations teams to ensure the integration of security practices into the software development lifecycle (SDLC) and IT operations. Lead or assist with vendor and 3rd party risk assessments. Create/maintain documentation of security solutions, services, configurations, and processes. Work closely with engineers focused on intrusion detection, incident response and security operations to manage risk related to existing and emerging threats. Collaborate with other security engineers to analyze, process, integrate, communicate, and respond to threat intelligence. Ability to participate in or lead development, improvements and updates to continually improve security controls, policies, guidelines, processes and procedures. Develop and deliver security awareness training programs for employees to enhance their understanding of security best practice to ensure that security and risk management continue to be integrated into the corporate culture. Lead development and operation of the security awareness program to ensure that security and risk management continue to be integrated into the corporate culture. Implement and maintain controls for compliance and privacy. Act as liaison to internal and external audit teams as needed. Provide escalation support for the Information Technology Help Desk as required. Ability to work off hours maintenance windows and participate in rotating on call shift periodically. Ability to work alone or function effectively as part of a team. All other duties as assigned by management. Qualifications Bachelors in Information Technology, Computer Science, Cyber Security, Security and Risk Analysis, Information Assurance. 3‑5 years of previous Governance & Risk experience. Candidates must have a minimum of one of the following certifications or will be required to obtain within the first 12 months: CISSP, GIAC (GSEC, GSNA), CRISC, CISA, CISM, CCSP, SSCP, CAP, CSSLP, CSX Practitioner. Experience working with assessment tools such as Qualys Policy Compliance and CIS‑CAT. Experience developing and using Qualys, or other vulnerability management, platforms with experience in multiple modules and/or areas: Vulnerability Management, Policy Compliance, Continuous Monitoring, Policy Compliance, Web Application Scanning and Asset Management. Experience leading security awareness program development including: Leading regular phishing assessment campaigns. Creating innovative security awareness campaigns using solution provider and custom‑developed tools/trainings designed to be flexible and adaptable across a diverse employee population (executives, engineering, marketing and communications, finance, customer service, etc.). Participate in aligning the security awareness program with the enterprise’s greatest risks and measure the impact in risk reduction from security awareness efforts. GRC platform experience, with RSA Archer knowledge a strong positive. Strong written and verbal communication skills are required as this position will be responsible for working directly with technical teams and business stakeholders. Demonstrates strong organizational skills and the ability to multi‑task, prioritize workload and delegate responsibilities. Strong analytical skills for assessing and prioritizing security risks. Ability to promote a security‑conscious culture within the organization. Ability to adapt to evolving threats, technologies, and organizational needs. Ability to understand and integrate security into project and application lifecycles for enterprise IT systems. Minimum of 3 to 5 years experience in Information Technology focusing on information security auditing, risk analysis, and vulnerability management. General knowledge of the following technologies from a security perspective: Active Directory, database platforms, web server platforms, Middleware, PKI, cloud computing, Office 365 and Azure. Experience using statistical, quantitative, and qualitative analysis techniques. Proactive approach to staying informed on the latest security threats, vulnerabilities, and industry best practices. Essential Utilities, Inc., is an Equal Opportunity/Affirmative Action employer. Equal employment opportunity is provided to all employees and applicants for employment without regard to the following legally protected characteristics: race, color, religion, sex, national origin, age, pregnancy (including childbirth and related medical conditions, including medical conditions related to lactation), physical or mental disability, covered‑veteran status, genetic information (including testing and characteristics), sexual orientation, gender identity or expression or any other characteristic protected by applicable local, state or federal law. Essential Utilities is committed to providing reasonable accommodation to individuals with disabilities. If you have a condition that may prevent you from applying for a job online or need to request an accommodation during the interview process, please call View phone number on click.appcast.io). #J-18808-Ljbffr Aqua America
- Aqua seeks a GRC Security Analyst II to ensure the security and integrity of information systems. Responsibilities include risk assessments, developing remediation plans, and ensuring compliance with best practices. The ideal candidate will have a Bachelor’s degree in Information...Suggested
- Essential Utilities, Inc. is seeking a Security Analyst II (Governance & Risk) to ensure the security and integrity of information systems. This role involves conducting risk and vulnerability assessments and collaborating with technical teams to develop remediation strategies...Suggested
- Aqua America, Inc. is hiring a GRC Security Analyst II responsible for managing risk assessments, developing security awareness programs, and ensuring compliance with security standards. The role requires a bachelor's degree in Information Technology or a related field,...Suggested
- Overview As a Security Governance Analyst, you will play a pivotal role in advancing the firm’s cybersecurity efforts. This role provides a unique... ...Power-user of Business Intelligence and/or Cybersecurity GRC tools a plus #J-18808-Ljbffr Susquehanna International GroupSuggested
- ...voice, data, and managed network solutions, supporting customers across markets and geographies. We are excited to be adding a Security Analyst to our growing Information Technology team. In this role, you will support BCM One’s security operations by monitoring and...SuggestedWork at officeRelocation2 days per week1 day per week
- ...Data Security Analyst We are looking for a Data Security Analyst to join our Information Security Architecture team in Philadelphia, PA or Overland Park, KS (Hybrid). This is an exciting opportunity to work on cutting-edge data protection and security initiatives leveraging...Full timeWork experience placementWork at office2 days per week
- ...Qualifications: Required ~5+ years of relevant information security experience (or 3+ years in IT systems administration with 2... ...and tabletop scenarios. Governance, Risk & Compliance (GRC) Draft or revise local policies, standards, guidelines, and...Local areaRelocation
- ...Security Analyst Sonsoft, Inc. is a USA based corporation duly organized under the laws of the Commonwealth of Georgia. Sonsoft Inc. is growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled...Permanent employmentFull timeH1b
- ...Security Risk & Governance Analyst As a Security Risk & Governance Analyst, you will be a key contributor to our Security Assurance team, doing hands... ...firm's cybersecurity governance, risk, and compliance (GRC) program. From day one you'll take on real work,...Internship
$85k - $100k
...The IT Security Analyst is responsible for global cybersecurity operations, risk management, and compliance, ensuring the protection and integrity of enterprise systems and data. Key Responsibilities - Lead and manage global IT cybersecurity strategy and operations...Permanent employment- Penn Medicine is hiring a Pre-Registration Specialist II in the Finance department to support financial clearance for outpatient services. This role requires detailed knowledge of insurance plans, authorizations, and payment arrangements, with a focus on accurate data...
- ...GRC Analyst We are looking for an individual who is personable, comfortable working within a growing & supportive environment and capable... ...IT internal controls Evaluate and assist with developing security monitoring and operating procedures at the application, system...Remote work
- ...professional development. Summary Of The Role We are looking for an experienced and dynamic Permitting & Regulatory Compliance Specialist II to join our growing team. In this role you will independently manage a defined caseload of permitting and compliance projects, owning...Work at officeImmediate startRemote workFlexible hours
- ...significant publicly traded water, wastewater service and natural gas providers in the U.S. Finance & Rates Analyst in Bryn Mawr, PA The Finance and Rates Analyst II prepares, supports, analyzes and provides testimony for the financial and compliance filings related to...Work at officeLocal areaFlexible hours
- ...The Security Analyst is responsible for the day-to-day execution of STARR's information security operations across a multi-concept restaurant... ...post-Workday governance and the buildout of the Technology GRC pillar. Required Qualifications Two to four years of hands...Full time
$50 - $63 per hour
Job Description Job Description JOB-2381 Hybrid - Thursdays on-site Duration: 9 months The CIP Compliance Department is responsible for assisting in the development, coordination, monitoring, and communication of all applicable Critical Infrastructure Protection...Hourly payTemporary work- CIP Compliance Department Position JOB-2381 Hybrid - Thursdays on-site Duration: 9 months The CIP Compliance Department is responsible for assisting in the development, coordination, monitoring, and communication of all applicable Critical Infrastructure Protection ...
- ...Our employees shape our future each day. Are you living your life's work? Security This position is located at the Perelman Center- 3400 Civic Center Boulevard The Security Officer II provides protection for the safety and security of hospital personnel,...Shift work
- ...Actuarial Analyst II Bring your drive for excellence, team orientation and customer commitment to Independence; help us renew and reimagine our business and shape the future of health care. Our organization is looking to diversify, grow, innovate and serve, and we...Work experience placementInterim role
- Core States Group is seeking a Permitting & Regulatory Compliance Specialist II to oversee permitting and compliance projects. The role involves managing multiple projects, serving as the liaison between clients and regulatory agencies, and ensuring successful project...Remote job
- ...Job Description Job Description Harbor Consulting & Management, Inc is looking to hire an Information Security Compliance Analyst - CISSP/CISA. Compensation: ~140K +/DOE. Employment type: ~ FT. We are a 20+ year old professional services organization...
- ...GRC Analyst Rootshell Enterprise Technologies Inc. is a recognized provider of professional IT Consulting services in the US. We are actively seeking a GRC Analyst for one of our clients. Location: Philadelphia, PA - Hybrid Job Summary: Skills and Competencies...
$50 - $60 per hour
DataAnnotation is committed to creating high-quality AI. Enjoy the flexibility of remote work and the freedom to set your own schedule. This is an opportunity to work with us as an independent contractor. We're currently expanding into an exciting new area – teaching...Hourly payContract workFor contractorsWork experience placementRemote work- Young World Physical Education is seeking an Accountant II to join their Business Office in Upper Darby, Pennsylvania. The ideal candidate will perform significant accounting duties, ensuring accurate financial reporting and compliance with state and federal requirements...Permanent employmentFull timeWork at office
- Administration - Confidential Secretary - Accountant II Upper Darby School District Administrative Office - Upper Darby, Pennsylvania. Open in Google Maps. Job Details Job ID: 5744941 Application Deadline: Posted until filled Posted: May 28, 2026 4:00 AM (UTC) Starting...Permanent employmentFull timeWork at officeImmediate startWork visa
- ...Description Envestnet is seeking a Data Analyst II to join our Product department. This is a hybrid role, with in-office work required at our Berwyn, PA office location. Envestnet is transforming the way financial advice is delivered through its connected...Work at office
- ...Technology for Life”. This is a hybrid position working 2‑3 days in our US Headquarters office located in Telford, PA. The IT Automation Analyst II designs, builds, and operates intelligent automation solutions using modern software and AI technologies. This role focuses on...Permanent employmentTemporary workWork at officeFlexible hours
- Draeger Medical Systems, Inc. is seeking an IT Automation Analyst II to design and implement automation solutions using AI technologies. This role will work on developing cutting-edge AI-driven workflows and systems, ensuring alignment with global IT initiatives and ethical...
- ...SSG Capital Advisors, LLC ("SSG") is looking for an Investment Banking Analyst to join its suburban Philadelphia office (must be currently living in or willing to relocate to the Philadelphia area) . SSG is an independent boutique investment bank that specializes in mergers...Work at officeRelocation
- Aqua in Bryn Mawr, PA seeks a Finance & Rates Analyst to support financial filings and rate cases, ensuring compliance with regulatory standards. The candidate will analyze financial models and assist in budget preparation. Successful candidates will possess a BA/BS degree...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to GRC Security Analyst II. Be the first to apply!


