Job Information
Insight Global Policy GRC Analyst in Cecil, Pennsylvania
Job Description
Insight Global is looking for a Policy GRC Analyst to support one of our clients in the Oil and Gas industry.
This role acts as a liaison between risk, cybersecurity, audit, and IT/OT teams, with a focus on policy development, governance, and enterprise risk alignment in a highly regulated environment. The individual will work cross-functionally to drive executive buy-in, standardize compliance processes, and support ongoing technology modernization initiatives while ensuring regulatory and audit readiness.
Success in this role:
• Creating a strong process for implementation
• Supporting efforts to move the organization up one tier in the NIST Cybersecurity Framework (CSF)
• Maintaining and enhancing AuditBoard
• Establishing Third Party vendor risk validation
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Skills and Requirements
• 3+ years working in an IT/OT and SCADA environment (if not, another regulated environment, e.g., healthcare, financial, etc.)
• 3-5 years of experience supporting legacy system migrations from a governance, risk, and compliance (GRC) perspective
○ Focus on policy, control mapping, risk validation, and documentation
• Ability to communicate with non-technical stakeholders
• Experience with SOX and NIST Compliance Standards
• Microsoft Systems Background
○ Supporting modernization and migration initiatives from a governance, risk, and compliance perspective
• Experience with AuditBoard or Drata
○ Document, Test, Track, and Report Compliance Activities
• Experience Conducting Third-Party Vendor Risk Questionnaire/Validation