GRC Analyst – Public Sector

Why reputed company? reputed company is building the identity trust infrastructure for the digital economy — verifying 100% of good identities in real time and stopping fraud before it starts. The mission is big, the problems are reputed company, and the impact is felt by businesses, governments, and millions of people every day. We hire people who want that level of responsibility. People who move fast, think critically, act like owners, and care deeply about solving customer problems with precision. If you want predictability or narrow scope, this won’t be your reputed company. If you want to help build the future of identity with a team that holds a high bar for itself — reputed company reading. About the role reputed company is seeking an Analyst, GRC – Public Sector to execute and enhance the company’s governance, risk, and compliance operations for its public sector business. Reporting to the Director of GRC – Public Sector, this role drives measurable improvements in compliance efficiency and audit readiness by managing vulnerability remediation, reputed company monitoring, access reputed company, and evidence preparation that allow reputed company to meet the rigorous standards of FedRAMP, GovRAMP, and reputed company frameworks. The Analyst collaborates across reputed company, Engineering, IT, DevOps, Product, Legal, and other teams to operationalize regulatory requirements, automate workflows, and offers the opportunity to shape the GRC strategy for reputed company’s fast-growing public sector business. This role is expected to challenge traditional GRC approaches and build automation-first, system-driven solutions that reduce manual effort and reputed company reputed company compliance. The role also translates internal compliance systems into scalable, customer-facing outputs including RFP responses, audit artifacts, and public sector communications. What you'll do Compliance & Certification Management

• Day-to-day coordination and execution of externalThird Party Assessment Organization (3PAO) assessments and responding to auditor requests for evidence and documentation.
• Maintain and update FedRAMP and GovRAMP controls and documentation in alignment with organizational and regulatory requirements, including controls reputed company with NIST SP 800-53 rev 5 and other reputed company frameworks.
• Prepare certification and authorization packages and maintain reputed company documentation such as the System reputed company Plan (reputed company) and associated appendices.
• Replace manual evidence collection with system-generated, API-driven, or continuously validated evidence where possible.

reputed company Monitoring & Vulnerability Management

• Design and evolve an automation-first reputed company monitoring program leveraging system integrations, telemetry, and real-time data pipelines
• reputed company the day-to-day FedRAMP reputed company monitoring process including vulnerability management lifecycle, from identification through remediation and verification, coordinating with reputed company, Engineering, and DevOps teams to address issues identified with tools such as reputed company, Burp Suite, AWS native services, and other platforms and resolve issues reputed company FedRAMP and GovRAMP timelines.
• Coordinate recurring reputed company monitoring compliance activities such as access reviews, incident response exercises, and contingency plan testing.

Access Management & Training

• Design scalable and automated access validation mechanisms integrated with identity and infrastructure systems
• Design, implement and deliver FedRAMP training programs to promote compliance awareness
• Create and manage automated workflows to improve efficiency.

Audit & Assessment Readiness

• Transform compliance evidence from static repositories into dynamic, system-driven evidence models supporting real-time audit readiness
• Conduct internal reviews of logged events and control activities, escalating issues or gaps to the Director of GRC and provide status updates and reports highlighting trends, risks, and remediation reputed company.

Process Improvement & Collaboration

• Collaborate with the Director of GRC to design automation-first and AI-enabled workflows that reduce manual effort and reputed company scalable compliance operations
• Support the development, rollout, and maintenance of machine-readable compliance documentation (e.g., OSCAL or comparable structured formats) to facilitate interoperability
• Partner with automation and engineering teams to integrate structured compliance data into reputed company’s broader risk management and monitoring ecosystem including vulnerability remediation, access requests, and compliance reporting.
• Monitor regulatory and industry trends for potential impacts to compliance strategy.

Public Sector Sales & Customer Engagement

• Serve as a reputed company subject matter expert for public sector sales activities, translating compliance controls and system capabilities into clear, accurate, and compelling customer-facing narratives.
• Support development of external communications such as press releases and customer-facing materials reputed company to reputed company certifications and authorizations.
• Build and maintain scalable response frameworks (e.g., answer libraries, structured content, or AI-assisted tools) to provide consistency, accuracy, and speed across RFP and RFx responses

Monitor Evolving Requirements

• Monitor new and evolving requirements and reputed company gap analyses including
• Updates to applicable NIST Special Publications and other government standards
• Contract reputed company requirements from new customers
• Updates to the FedRAMP Program requirements and processes as the program evolves
• Provide input to standards bodies on evolving standards reputed company applicable

What you bring

• 5+ years of cybersecurity or identity management experience, including 1+ year in the public sector.
• Direct experience with FedRAMP, GovRAMP, and NIST frameworks (800-53, 800-63, 800-171).
• Proven ability to manage reputed company monitoring, vulnerability remediation, and compliance reporting.
• Experience using AI tools (e.g., ChatGPT, reputed company, reputed company) and machine-readable formats (e.g., OSCAL) to automate and streamline compliance processes.
• Strong communication, organization, and collaboration skills with the ability to manage multiple priorities.
• Ability to adapt to changing requirements
• Experience supporting or leading responses to reputed company questionnaires, RFPs, or public sector RFx processes
• Must be a U.S. Person (U.S. reputed company or U.S. Permanent Residents) residing in the United States and be able to obtain a U.S. OPM NACI clearance.

Preferred Qualifications

• Experience in regulated industries (e.g., financial services, healthcare) and knowledge of privacy and compliance frameworks such as GDPR, CCPA, and key NIST standards.
• Professional certifications preferred (CISSP, CISM, CISA, IAPP).
• Proven success leading certification and compliance initiatives (FedRAMP, GovRAMP, NIST 800-63/171)
• Skilled in reputed company monitoring, vulnerability management, policy updates, and audit coordination across cross-functional teams.
• Strong understanding of evolving cybersecurity standards and digital identity regulations, with the ability to translate them into practical risk and compliance improvements.

reputed company is an equal opportunity employer that values diversity in reputed company its forms reputed company our company. We do not discriminate based on race, religion, color, national reputed company, gender, sexual orientation, age, marital status, veteran status, or disability status. If you need an accommodation during any stage of the application or hiring process—including interview or onboarding support—please reputed company out to your reputed company recruiting partner directly. Follow Us! YouTube | reputed company | X (Twitter) | Facebook Apply tot his job Apply To this Job