GRC Analyst
Tasks
- Collaborate with legal and sourcing on contract redlines
- Coordinate evidence collection for audits
- Draft SSP and POA&M deliverables
- Extract and catalog security requirements
- Maintain risk register and risk reporting
- Maintain security governance artifacts and documentation
- Map requirements to security frameworks and controls
- Own operational risk assessment process
- Participate in assessor and auditor interviews
- Produce compliance matrices and gap analyses
- Review customer contracts for security obligations
- Support audit assessment and certification activities
- Support third party and supply chain security reviews
- Write customer security questionnaire responses
Perks/Benefits
- N/A
Skills/Tech-stack
800-171 | 800-53 | Audit Readiness | CMMC | Compliance Matrix | Control mapping | FedRAMP | GDPR | Gap Analysis | ISO 27001 | Information Security Management | Information Security Management System | Information security | Management System | NIS2 | NIST CSF | NIST SP | NIST SP 800 | NIST SP 800-171 | NIST SP 800-53 | POA&M | Requirements Traceability | Requirements Traceability Matrix | Risk Assessment | Risk Management | Risk register | SP 800-171 | SP 800-53 | Security Management System | Security plan | Supply Chain | Supply chain risk | System Security Plan | System security | Technical writing | Third Party | Third-Party Risk | Third-party risk management | Traceability matrix