GRC Cybersecurity Analyst - Cloud and Client Services

Remote · Hong Kong Full-time

Title: GRC Cybersecurity Analyst / Cloud & Client Services

Location: Remote United States

Job Description: PCI Energy Solutions is a thriving global company where you can impact millions of lives every day. Our software helps protect the environment and lowers utility bills by optimizing energy and utility company operations. We're hiring and growing in locations throughout the U.S., with our headquarters located in Norman, OK. We also have international offices in Peru and Mexico. We put a high value on work-life harmony by offering flexible working hours and remote work. You can work from home full-time or come into the office on an as-needed basis.

GRC Cybersecurity Analyst

Summary of the position: The GRC (Governance, Risk, and Compliance) Cybersecurity Analyst will be responsible for operational activities that include ensuring that the organization complies with all relevant regulations and standards, managing risks related to information security, and establishing robust governance processes. This role involves evaluating and improving the effectiveness of IT controls, conducting risk assessments, and supporting audits, certificate management, identity and access management, and vulnerability remediation. The ideal candidate will have an understanding of cybersecurity principles, regulatory requirements, and risk management practices.

Key Responsibilities:

  • Governance:
      • Develop, implement, and maintain company security policies, procedures, and standards to ensure compliance with applicable regulations and industry best practices.
      • Collaborate with various divisions/departments to ensure security policies and procedures are understood and followed.
      • Monitor changes in regulations and update policies and procedures accordingly.
  • Risk Management:
      • Conduct risk assessments to identify, evaluate, and mitigate risks related to information security.
      • Maintain the company's risk register and track the status of risk mitigation efforts.
      • Work with stakeholders to develop risk treatment plans and ensure timely implementation of controls.
  • Compliance:
      • Ensure compliance with relevant regulatory requirements (e.g., GDPR, HIPAA) and industry standards (e.g., NIST, SOC).
      • Prepare for and support internal and external audits, including the collection and organization of evidence.
      • Conduct regular compliance assessments and report on the status of compliance efforts.
  • Control Implementation and Testing:
      • Assist in the design and implementation of security controls to protect information assets.
      • Conduct regular testing of security controls to ensure effectiveness and compliance.
      • Identify control deficiencies and recommend improvements.
  • Incident Response:
      • Support incident response activities, including investigation, documentation, and reporting of security incidents.
      • Assist in the development and maintenance of incident response plans and procedures.
      • Participate in incident response simulation exercises and post-incident reviews.
  • Training and Awareness:
      • Develop and deliver security awareness training programs for employees.
      • Promote a culture of security awareness throughout the organization.
      • Stay updated on the latest cybersecurity threats and trends and communicate relevant information to stakeholders.
  • Documentation and Reporting:
      • Maintain accurate and up-to-date documentation of security policies, procedures, risk assessments, and compliance efforts.
      • Prepare regular reports for management on the status of the GRC program, including key metrics and risk indicators.
      • Document findings from audits, assessments, and incident investigations and track remediation efforts.

Skills and Qualifications:

  • Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related/supporting field, and/or relevant experience and/or certifications in cybersecurity, including technical certifications and others such as CISSP, CISM, CISA, or CRISC. It is expected that a CISSP, CISM, CISA, or CRISC will be obtained within 24 months of hire.
  • Experience: Minimum of 1-3 years of experience in cybersecurity and data privacy with a focus on governance, risk, and compliance, vulnerability management, incident response, and network security.
  • Technical Skills: Good understanding of security frameworks and standards (e.g., ISO, NIST, SOC). Familiarity with certificate management, Identity and Access Management (IAM), risk assessment methodologies and compliance requirements (e.g., HIPAA, GDPR and other global privacy regulations).
  • Soft Skills: Strong analytical and problem-solving abilities, and communication skills. Ability to work collaboratively with cross-functional global teams.
  • Other Requirements: Strong attention to detail, ability to manage multiple tasks simultaneously, and a proactive approach to identifying and addressing security risks.

EO Statement: PCI is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. PCI is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
