📌 Job Post: Technical Security Risk & Governance Analyst (Hybrid)

Job Code: OA/EISO 795990
Client: Commonwealth of Pennsylvania
Location: Harrisburg, PA (Hybrid – 2 days onsite per week)
Duration: Through 06/30/2026 (Extension Possible)
Hours: Full-time, 40 hours/week
Preference: Local candidates within 2 hours of Harrisburg

Job Summary

The Commonwealth of Pennsylvania is seeking a Technical Security Risk & Governance Analyst to support its enterprise cybersecurity program. This role focuses on performing security risk assessments, control testing, governance, and compliance activities across on-premises and cloud environments. The analyst will collaborate with IT, audit, and business stakeholders to ensure security controls align with state policies and industry frameworks.

Key Responsibilities

Conduct technical security risk assessments for on-prem, cloud (IaaS/PaaS/SaaS), and hybrid systems.
Perform control design and operating effectiveness testing aligned with NIST CSF/800-53, CIS Controls, and ISO 27001.
Support Authority to Operate (ATO), continuous monitoring, and security attestations.
Maintain and update security policies, standards, procedures, and control libraries.
Coordinate internal and external audits (HIPAA, CJIS, PCI DSS, FERPA, IRS Pub 1075).
Perform third-party/vendor security reviews and support secure procurement activities.
Develop dashboards and reports using Excel and Power BI for leadership reporting.
Provide security guidance during incident response and change advisory reviews.

Required Qualifications

Bachelor’s degree in Information Security, Computer Science, Information Systems, or equivalent experience.
1–3 years of experience in information security, risk management, audit, or a related technical role.
Strong knowledge of security frameworks: NIST CSF/800-53, ISO 27001, CIS Controls.
Experience with risk analysis, control testing, and security documentation.
Proficiency with Excel, Power BI, and reporting to technical and non-technical audiences.

Preferred Qualifications

Security certifications: CISSP, CISM, CRISC, CGRC (CAP), Security+, CCSP/CCSK, or CISA.
Cloud security experience with AWS, Azure, and/or Google Cloud.
Knowledge of IAM, network security, logging/SIEM, encryption, and DevOps security practices.

Work Requirements

Hybrid schedule with approximately 2 days onsite per week in Harrisburg, PA.
Occasional travel to data centers or agency sites may be required.
Background check required per state policy.

Compensation: $60.00 per hour

About SR International INC.

SR International has been a leading name among the IT consulting companies with offices in US and India. For past 16 years, our industry experience and domain knowledge have enabled us to provide innovative solutions to our customers.

Who We Are

We Are Leading IT Based Solution Providers

Today, the world of business information represents the realization of our collective efforts toward improving the future. Held only by the limits of our imagination, the business world is accelerating at an ever-increasing pace. Imagine a better way of doing business, of implementing the perfect software, of refining practice or business integration. All it takes are benchmark standards in service, support, and technical know-how, which have been our bread and butter.

Our Vision.

Established in 2002, SR International Inc is one of the fastest growing and reputed provider of Information Technology Services and Solutions in the USA. Since our inception, we have been a trusted IT partner for our clients. We take pride in our highly skilled IT Resources and unique engagement model. We have been consistently delivering on our promises as a high-performance team. Our expertise in Cloud Computing, Mobility, Web Technologies, ERP and CRM are second to none. Our industry-leading flagship product iMathSmart is re-defining math learning experience for school students.

Career At SR International

At SR International, we treat our consultants like family. Our business and our reputation have been built and maintained by quality resources working onboard, so it’s important for us to maintain the quality resource pool.

(if you already have a resume on Indeed)

Or apply here.

* required fields

First Name*

Last Name*

Email*

Phone*

Yes, Text Me!

I consent to receiving text messages about this hiring process and, if hired, future job related information from S R INTERNATIONAL INC.

Message and data rates may apply. Message frequency varies. Reply STOP to opt out. Reply HELP for help. See our User Terms of Service and Privacy Policy for details.

Get faster updates with texting!

Message and data rates may apply. Message frequency varies. Reply STOP to opt out. Reply HELP for help. See our User Terms of Service and Privacy Policy for details.

Location

Address

City

States

ZIP Code

Resume/CV *

Type/Paste Text

Cover Letter

Type/Paste Text

Recent Job Title

Recent Employer

What is your current location? (City, State)*

What is your current work authorization status (e.g., US Citizen, Green Card, H1B, etc.)?*

How many total years of experience do you have in information security, cybersecurity, risk management, or GRC?*

I was referred to this position by a current employee

Who referred you?