Job DescriptionThe Governance, Risk, and Compliance (GRC) Analyst II configures, implements, and manages security devices through strategic and technical security mitigation planning. This involves daily threat analysis and incident management.
Responsibilities- Provide strategic and technical security mitigation planning and participate in the design, development, and maintenance of GRC activities aligned with NIST 800-171
- Document and maintain GRC artifacts including process documentation, risk registers, and control mappings
- Develop, maintain, and track Plans of Actions and Milestones (POA&Ms), including remediation status and supporting evidence
- Participate in stakeholders interviews, working sessions, and documentation reviews to support GRC assessments
- Provide technical expertise in the development, maintenance, and enhancement of corporate security operating procedures, standards and best practices
- Assist with preparation for internal and external audits, assessments, and regulatory reviews, including evidence collection and response coordination
QualificationsExperience:
- Bachelor's Degree
- Minimum two (2) years of experience in cybersecurity, technology risk, compliance, audit related roles. OR (6) years of experience may be considered in lieu of a Bachelors Degree. OR No experience required in lieu of Masters Degree.
- Experience supporting IT audits, risk assessments, or compliance assessments
- Working knowledge of CMMC controls, NIST 800-171 requirements, and compliance processes
- Hands-on experience developing and maintaining POA&Ms
- Ability to follow defined processes while managing multiple compliance-related tasks
- Ability to travel up to 10%
- Active Secret clearance or the ability to obtain and maintain
Preferred:
- Experience performing NIST-based security or technology risk assessments
- Industry certifications such as CISA, CRISC, Security+, or similar credentials
- Strong written and verbal communication skills, particularly for documentation and audit response
- Detail-oriented with strong analytical and organizational skills
Additional Information This position may require access to technology, materials, software or hardware that is controlled by either ITAR or EAR U.S. export laws. As a condition of any job offer, in order to be employed in this position, you may need to obtain a U.S. Government export license(s), as required by law.
Other benefits include: - Immediate Medical (FSA and HSA), Dental, and Vision
- 401K Match with 100% immediate vesting
- 9X80 compressed work schedule for qualifying roles
- Career Opportunity and Growth
- Tuition Reimbursement/Student Loan Repayment
- Generous PTO and 11 paid Holidays per year (9 designated holidays and 2 floating holidays)
- 8 weeks of 100% Paid Family Leave