1

Technology Risk Jobs in Pennsylvania (NOW HIRING)

The Zoetis Tech & Digital (ZTD) Global Technology Risk Management (TRM) Organizationis responsible forprotecting Zoetis' information resources. Within TRM, the global Identity, Directory & Access ...

Senior IT Auditor

Greensburg, PA · On-site

$86K - $113K/yr

Minimum 8+ years' relevant work experience in IT internal audit or other IT risk/compliance/consulting function * Detailed knowledge and testing experience with IT general controls ("ITGCs") across ...

... technology and leadership to define and deliver capabilities that drive profitable growth. What candidates will do: * Own product roadmap execution for Risk Pricing with focus on Personal Lines ...

Working with the Director of IT Risk/Audit - who owns the firm's ISO 27001, SOC 1, and SOC 2 Type II certification programs - you will ensure the security controls underpinning those certifications ...

ITIL, Tech Risk (ISACA), Cyber Security, AI. The LOB Risk Lead will be a senior role on the Technology Change Management team, expected to use subject matter expertise to drive adherence to ...

As an LOB Risk Lead within PNC's Technology organization, you will be based in Pittsburgh, PA ... Experience with Technology Change Management policies, procedures, processes, and controls.

next page

Showing results 1-20

Technology Risk information

See Pennsylvania salary details

$14

$30

$74

How much do technology risk jobs pay per hour?

As of Jul 13, 2026, the average hourly pay for technology risk in Pennsylvania is $30.41, according to ZipRecruiter salary data. Most workers in this role earn between $19.52 and $38.80 per hour, depending on experience, location, and employer.

What are some common challenges faced by professionals working in Technology Risk roles?

Professionals in Technology Risk often encounter challenges such as keeping up with rapidly evolving cyber threats, ensuring regulatory compliance across different jurisdictions, and effectively communicating technical risks to non-technical stakeholders. Balancing proactive risk mitigation with the need to support business innovation can also be demanding. Collaboration with IT, legal, and business units is essential to identify vulnerabilities and implement practical controls without hindering productivity.

What are the key skills and qualifications needed to thrive in Technology Risk, and why are they important?

To thrive in Technology Risk, you need a solid understanding of IT systems, cybersecurity principles, risk management frameworks, and often a degree in information technology or a related field. Familiarity with tools like GRC (Governance, Risk, and Compliance) platforms, vulnerability assessment software, and certifications such as CISA, CISSP, or CRISC are commonly required. Strong analytical thinking, attention to detail, and effective communication skills help professionals assess threats and convey complex risk issues to diverse stakeholders. These skills ensure organizations can proactively identify, assess, and mitigate technology risks to protect assets and maintain regulatory compliance.

What jobs are at risk due to technology?

Technology risk professionals are concerned that automation, artificial intelligence, and evolving cybersecurity threats could impact roles such as manual data entry, basic IT support, and routine compliance tasks. These jobs may be increasingly automated or require advanced technical skills to adapt to changing technology environments.

What is the difference between Technology Risk vs Cybersecurity Analyst?

AspectTechnology RiskCybersecurity Analyst
Primary FocusIdentifying and managing technology-related risks to business operationsProtecting systems and data from cyber threats and attacks
CertificationsCRISC, CISSP, CISACISSP, CEH, Security+
Work EnvironmentRisk management teams, compliance departmentsSecurity operations centers, IT security teams
Industry UsageFinance, healthcare, technology firmsAny industry with digital assets, especially finance and government

Technology Risk professionals focus on assessing and mitigating risks associated with technology systems and processes, ensuring compliance and reducing potential disruptions. Cybersecurity Analysts primarily work to defend systems from cyber threats, focusing on security measures and incident response. While both roles involve technology and security, their core objectives and daily tasks differ significantly.

What tech jobs are safe?

Technology Risk professionals focus on identifying and mitigating risks related to IT systems, cybersecurity, and data protection. These roles are generally stable due to ongoing cybersecurity threats and regulatory requirements, and often require skills in risk assessment, compliance, and familiarity with security tools. Continuous learning and certifications like CISSP or CISA can enhance job security in this field.

What is an example of a technology risk?

A technology risk for a Technology Risk professional involves potential threats to information systems, such as cybersecurity breaches, data loss, or system failures. These risks can result from vulnerabilities in hardware, software, or network security, and managing them requires skills in risk assessment, controls, and compliance frameworks like ISO 27001.

What is Technology Risk?

Technology risk refers to the potential for losses or disruptions in an organization due to failures, vulnerabilities, or misuse of technology systems and infrastructure. Professionals in technology risk assess, manage, and mitigate risks related to cybersecurity, data privacy, IT systems, and compliance with regulations. Their work is crucial for protecting sensitive information, ensuring business continuity, and maintaining trust with clients and stakeholders.

What is the technology risk role?

A technology risk role involves identifying, assessing, and managing risks related to information technology systems and infrastructure. Professionals in this field analyze vulnerabilities, implement controls, and ensure compliance with security standards, often using tools like risk assessment frameworks and cybersecurity certifications. The role supports organizations in minimizing technology-related threats and ensuring operational resilience.
What are the most commonly searched types of Technology Risk jobs in Pennsylvania? The most popular types of Technology Risk jobs in Pennsylvania are:
What are popular job titles related to Technology Risk jobs in Pennsylvania? For Technology Risk jobs in Pennsylvania, the most frequently searched job titles are:
What job categories do people searching Technology Risk jobs in Pennsylvania look for? The top searched job categories for Technology Risk jobs in Pennsylvania are:
Infographic showing various Technology Risk job openings in Pennsylvania as of July 2026, with employment types broken down into 87% Full Time, 10% Part Time, and 3% Contract. Highlights an 85% In-person, 10% Hybrid, and 5% Remote job distribution, with an average salary of $63,251 per year, or $30.4 per hour.
Information Security Risk and Compliance Analyst

Information Security Risk and Compliance Analyst

Wawa

Wawa, PA

Full-time

Posted 18 days ago


Wawa rating

6.5

Company rating: 6.5 out of 10

Based on 1,109 frontline employees who took The Breakroom Quiz

8th of 48 rated convenience stores


Job description

Job Description

Job Title: Information Security Risk and Compliance Analyst

Department: Information Technology

Location: Red Roof

Pay Band: Professional

Job Summary: The Information Security Risk & Compliance Analyst is responsible for participating in the information security program to ensure that information assets and associated information systems are adequately protected in the digital ecosystem in which Wawa operates.

This role participates in all day-to-day operations, functions and capabilities relating to technology risk and compliance. The role participates in the Information Security compliance program and is responsible for operating Wawa's technology risk management processes, maintaining Wawa's technology related Information Security policies, and completing risk assessments of technology related initiatives.

Principal Duties:
  • Participate in the completion of assessments of operational security controls and in any required remediation.
  • Identify and document cyber risks and manage mitigation and follow up on open security risks. Report issues to Information Security stakeholders.
  • Participate in execution of information security testing for all areas of the technology operating environment (e.g., infrastructure reviews, vulnerability scanning) with a focus on leading in low risk areas.
  • Participate in the execution of the security awareness training program for all employees, contractors and approved system users.
  • Participate in the execution of Wawa's information security program, including meeting PCI compliance requirements and the ongoing development of the program.
  • Participate as a member of cross-department remediation projects by completing supporting security tasks.
  • Provide input for updates to information security policies and standards.
  • Execute the applicable information security management framework controls.
  • Provide technical support related to tools used to perform security and vulnerability assessments.
  • Participate in the development of asset inventories, including information assets in cloud services and in other vendors in the organization's ecosystem.
  • Participate in the support to Information Security Incident Response team during cyber incidents.
  • Support internal network between Information Security and information technology.
  • Act as technical consultant for the IT department to support new and existing technologies.
  • Participate in the technical deployment of security solutions that enhance Wawa's information security architecture.
  • Develop foundational knowledge of Payment Card Industry (PCI) Data Security Standard compliance by keeping apprised of changes to the standard, evaluating new systems for impact and supporting annual PCI audit.
  • Support audit and assessment process for IT including annual PCI audit, IT general controls review and any other audits or assessments of security and general IT controls.
  • Provide technical assistance for technical security services.
  • Participate in IT and business-related projects as required. Provide guidance on low impact and complexity initiatives including current technology areas such as cloud services, mobile technology, data analytics, etc.

Essential Functions:

  • Ability to work well individually as well as in a team environment.
  • Strong written and verbal communication skills, interpersonal and collaborative skills.
  • Up-to-date knowledge of methodologies and trends in both information security and IT.
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations.
  • Must be a critical thinker, with strong problem-solving skills.
  • Ability to participate in one or more projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
  • Ability to lead small internal security technology projects and security remediation projects.
  • High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
  • High degree of initiative, dependability and ability to work with little supervision while being resilient to change.
  • Ability to be on-call 24x7x365 rotation for information security reviews of emergency changes and to support for information security incidents.
  • Ability to train others.

Basic Requirements:

  • Minimum of 3 years of experience in a combination of incident response, information security and IT.
  • Understanding of relevant legal and regulatory requirements, such as: Payment Card Industry Data Security Standard.
  • Degree in technology-related field preferred, or equivalent work- or education-related experience.
  • Professional security management certification is preferred or expected within the first 12-18 months, such as CompTIA CySA+ (Cybersecurity Analyst), ISC2 Systems Security Certified Practitioner (SSCP), GIAC Security Essentials (GSEC), GIAC Foundational Cybersecurity Technologies (GFACT), Certified Ethical Hacking (CEH), or other similar credentials.
  • Foundational knowledge of common information security management frameworks, such as ISO/IEC 27001, Critical Security Controls, and NIST 800-53 and Cybersecurity Framework.
  • Foundational knowledge of information security concepts and technologies such as: networking, network segmentation, vulnerability scanners, firewalls, IPS\IDS, network analyzers, data loss prevention, security event management, encryption technologies, proxies, cloud services, mobile devices, etc.

Wawa will provide reasonable accommodation to complete an application upon request, consistent with applicable law. If you require an accommodation, please contact our Associate Service Center at asc@wawa.com.

Wawa, Inc. is an equal opportunity employer. Wawa maintains a work environment in which Associates are treated fairly and with respect and in which discrimination of any kind will not be tolerated. In accordance with federal, state and local laws, we recruit, hire, promote and evaluate all applicants and Associates without regard to race, color, religion, sex, age, national origin, ancestry, familial status, marital status, sexual orientation or preference, gender identity or expression, citizenship status, disability, veteran or military status, genetic information, domestic or sexual violence victim status or any other characteristic protected by applicable law. Unlawful discrimination will not be a factor in any employment decision.


What Wawa employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom