Title: GRC Security Architect
Location: Remote-US
Salary: Up to $150K
This is a full-time, permanent remote role with occasional travel as required for audits and assessments. The role reports to the Senior Director of Information Security, Governance, Risk and Compliance.
About PSI
Join Us at PSI - Where You Belong, Grow, and Thrive!
At PSI, we believe that people achieve their best when they feel they truly belong. That’s why fairness and opportunity are at the heart of everything we do - values deeply embedded in our culture and the full employee experience.
We’re proud to foster an environment where everyone is supported to reach their full potential. From your first day through every step of your journey with us, you’ll feel the difference in how we work, grow, and succeed together.
What You Can Expect From Us - We know that great work starts with feeling valued. That’s why we’ve benchmarked all our roles against local market rates and why you’ll always see salary details in our job postings. We believe in transparency, and we want you to feel confident that your next move aligns with your expectations.
About the Role
The GRC Security Architect plays a key role in supporting PSI’s commitment to data security, privacy, and compliance. This role is responsible for driving core activities across quality, risk management, Information Security, data protection, and audit readiness to ensure the organization meets ISO, PCI, SOC 2, and other relevant standards. The position helps deliver assurance to stakeholders that PSI prioritizes the security and privacy of its data and systems.
Key responsibilities include working to embed Security by Design principles into Infrastructure, Development and DevOps practices, and supporting an integrated end-to-end GRC approach across the organization. The role may be performed remotely with occasional travel for audits and assessments. It requires experience on Federal projects, United States residency, and the ability to obtain Federal clearance.
Role Responsibilities
- Collaborate with internal teams to ensure secure design and implementation of systems and networks.
- Identify security vulnerabilities within existing and prospective systems and develop mitigation strategies.
- Ensure infrastructure and applications adhere to established security measures.
- Identify security risks and propose preventative measures.
- Assess the organization’s security status to identify areas for improvement.
- Stay up to date with new security threats and adopt industry best practices.
- Embed Security by Design in Infrastructure, Development and DevOps; document security controls for all systems as part of SOPs.
- Support an integrated end-to-end GRC approach across the organization.
- Maintain and update security policies, standards, procedures, and guidelines aligned with business and IT practices.
- Monitor and assess the effectiveness of security controls across business systems and processes.
- Ensure alignment with client, regulatory, and internal compliance requirements.
- Support the automation and continual improvement of GRC processes and tools.
- Generate and present GRC-related metrics and reports to internal stakeholders and executive leadership.
- Support internal and external audits (e.g., ISO 27001, SOC 2), including gathering evidence and managing responses.
- Build and maintain cross-functional relationships with Legal, IT, Audit, Finance, and Business Operations to support GRC practices.
- Support ongoing compliance initiatives, including security incident reviews, risk memos, and policy exceptions.
- Participate in developing operational reports, dashboards, and trend analysis related to security and compliance activities.
- Support audit plans and compliance documentation for internal or external stakeholders.
Knowledge, Skills and Experience Requirements
- Experience achieving and/or maintaining third-party attestations such as FedRAMP, SOC 2, ISO 27001.
- Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software).
- Experience working on a Federal Program and contributing to core documentation sets (SSP, Continuous Monitoring reporting, POAMs, System Narrative, SCP, SIA).
- Experience implementing or maintaining FedRAMP Moderate Authorization is desirable.
- Experience documenting security controls in architecture diagrams is essential.
- Extensive training and experience in IT disciplines (application and data security, systems programming, systems design, software disciplines).
- Familiarity with OneTrust or ServiceNow GRC and Privacy tools is desired.
- Certified training in security management, risk and compliance solutions and practices. CISSP, ISSAP, CISA, CISM, GSEC, or related certifications desirable.
- Experience in a fast-paced GRC function is desirable.
Benefits & Culture
- Retirement Benefits: 401(k), pension, or country-specific retirement plans with employer contributions
- Generous Time Off: Enhanced paid time off/annual leave policies
- Health & Wellbeing Coverage: Medical insurance tailored to your region, plus, in the US, dental, vision, life, and short-term disability insurance, and, in the UK, a medical cashback plan including dental, vision, and income protection
- Flexible Spending Accounts (US)
- Employee Assistance Program (EAP): Confidential support whenever you need it
- Work-Life Balance: We understand life happens outside of work, and we fully support flexibility
- Wellness Culture: Regular global wellness initiatives to help you stay healthy and inspired
- Future Planning: Tools and support to help you grow personally and professionally
- Giving Back: Volunteer Day each year and opportunities to support our communities and industry
At PSI, we’re more than just a workplace - we’re a global team driven by shared values and real impact. If you're ready to be part of a company that’s committed to your growth and well-being, we’d love to hear from you.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor.