GRC – Technical Controls Analyst II
PCI Pharma Services
full-time
Posted on:
Location Type: Remote
Location: Pennsylvania • United States
Visit company websiteExplore more
Tech Stack
About the role
- Manage PCI Pharma's cybersecurity governance, risk, and compliance program
- Develop and maintain cybersecurity policies, standards, and procedures
- Manage technical controls auditing across 150+ applications and systems quarterly
- Coordinate GxP computer system validation activities with Quality Assurance team
- Conduct risk assessments for new systems, vendors, and business initiatives
- Maintain compliance evidence and documentation for regulatory audits
- Lead internal security control assessments and gap remediation tracking
- Support third-party/vendor cyber risk management
- Develop and track key risk indicators (KRIs) and security metrics
- Coordinate with external auditors and manage audit finding remediation
Requirements
- Bachelor's degree in Information Security, Risk Management, or related field
- 4+ years of experience in GRC, security compliance, or audit roles
- Strong knowledge of security frameworks (NIST CSF, ISO 27001, CIS Controls)
- Experience with pharmaceutical regulations (21 CFR Part 11, GxP, Annex 11)
- Proficiency in controls testing and evidence collection
- Experience with risk assessment methodologies
- Strong documentation and technical writing skills
- Excellent communication skills for audit and stakeholder interactions
- Project management capabilities for compliance initiatives
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development opportunities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cybersecurity governancerisk managementcompliance programcybersecurity policiestechnical controls auditingrisk assessmentssecurity frameworkscontrols testingevidence collectionproject management
Soft Skills
documentation skillstechnical writing skillscommunication skillsstakeholder interactions