Analyst, GRC – Public Sector
Job Description:
- Execute and enhance governance, risk, and compliance operations for public sector business.
- Drive measurable improvements in compliance efficiency and audit readiness by managing vulnerability remediation, continuous monitoring, access oversight, and evidence preparation.
- Collaborate across Security, Engineering, IT, DevOps, Product, Legal, and other teams to operationalize regulatory requirements, automate workflows, and shape GRC strategy.
- Coordinate and execute external Third Party Assessment Organization (3PAO) assessments and respond to auditor requests.
- Maintain and update FedRAMP and GovRAMP controls and documentation.
- Lead FedRAMP continuous monitoring process including vulnerability management lifecycle.
- Oversee access controls for FedRAMP environments and design training programs.
- Conduct internal reviews of logged events and control activities, providing status updates.
Requirements:
- 5+ years of cybersecurity or identity management experience, including 1+ year in the public sector.
- Direct experience with FedRAMP, GovRAMP, and NIST frameworks (800-53, 800-63, 800-171).
- Proven ability to manage continuous monitoring, vulnerability remediation, and compliance reporting.
- Experience using AI tools (e.g., ChatGPT, Glean, Gemini) and machine-readable formats (e.g., OSCAL) to automate and streamline compliance processes.
- Strong communication, organization, and collaboration skills with the ability to manage multiple priorities.
- Ability to adapt to changing requirements.
- Must be a U.S. Person (U.S. Citizens or U.S. Permanent Residents) residing in the United States and be able to obtain a U.S. OPM NACI clearance.
Benefits:
- Offers Equity
- Offers Bonus
Apply tot his job Apply To this Job