UNAVAILABLE, DC, US
3 days ago
Senior GRC Analyst
Category: Information Technology
Location: US-DC-
Clearance Requirements: None - No Federal Clearance Required
Commute Requirements: Hybrid
ID: 2024-4620

Overview

Senior GRC Analyst

Hybrid | Washington D.C. | 1 Day a Week Onsite

US Citizenship Required

 

Summary

Our client is an employee and Service-Disabled, Veteran-owned Small Business focused on providing niche technical services. They are a team of experienced cybersecurity professionals with a track record of success in the Federal, Commercial, and Academic workspaces. Additionally, our client designs, builds, operates, and secures scalable cloud and IT infrastructures to meet their customers’ near-term needs and fulfill their long-term requirements.

 

Responsibilities

Our client is seeking a Senior Governance, Risk, and Compliance (GRC) Analyst to enhance their GRC program by aligning it with NIST standards and improving risk management processes. The successful candidate will work alongside existing analysts to consolidate risk management practices, improve GRC documentation, and ensure effective communication of compliance measures.

- Design and implement consolidated risk management processes that adhere to NIST standards
- Improve existing GRC documentation based on NIST guidance, focusing on continuous monitoring programs and risk evaluation at system and enterprise levels
- Develop and document control implementation statements for system-specific, hybrid, and common controls
- Improve documentation for maintaining and communicating a common control catalog in line with the GRC process
- Work with stakeholders to identify and implement inheritable controls and document inheritance criteria
- Enhance GRC dashboards and reporting to track program metrics and effectiveness
- Communicate complex regulatory and compliance information clearly to various stakeholders
- Support the Board’s GRC program by assisting with the development and refinement of processes and documentation
- Track and report on metrics related to continuous monitoring, training performance, and the effectiveness of security and privacy programs

Requirements

- 5-7+ years of related experience is required for this position
- Deep understanding of relevant laws and regulations, including NIST guidance and OMB memoranda
- Extensive knowledge of the NIST Risk Management Framework and key publications such as NIST SP 800-37, 800-53 Revision 5, and 800-137
- Familiarity with the FedRAMP process and documentation, including customer responsibility matrices
- Experience developing and documenting control implementation statements for system-specific, hybrid, and common controls
- Experience with GRC tools for collecting and reporting on security and privacy metrics (Xacta 360 and Power BI experience is preferred)
- Strong communication skills, with the ability to convey complex regulatory and compliance information clearly
- Experience working with common control catalogs, provider systems, and inheritance models
- Experience with continuous monitoring metrics and reporting, including tracking training and awareness program performance

Preferred Requirements

- Experience improving dashboards and reporting for GRC programs
- Proven ability to develop metrics that measure the effectiveness of security and privacy trainings
- Strong background in working with risk management processes and compliance documentation

Education/Certification Requirements

None

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. Please be aware that onboarding can take 4-6 weeks for this position.

About Us

Northern Virginia-based Precision Solutions is an expert in staffing solutions for companies of any size that open the door to new opportunities and seek outstanding talent. We pride ourselves on being versatile enough to tailor our relationships to the needs of each individual client, being agile in the fast-paced marketplace, and being precise in meeting the needs of any company.

Equal Opportunity Employer Statement

Precision Solutions is an equal opportunity employer. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.
