Senior GRC Analyst
Job Title: Senior GRC Analyst
Role Summary
We are seeking a Senior GRC Analyst with deep, hands-on expertise in DoD and federal compliance programs, particularly CMMC 2.0 Level 2 and FISMA, in environments handling Controlled Unclassified Information (CUI). This role focuses on implementing, validating, and sustaining NIST SP 800-171 and NIST SP 800-53 controls; maintaining audit and authorization readiness; and collaborating cross-functionally with Engineering, DevOps, Cloud, and Security teams to ensure controls are effectively implemented, evidenced, and continuously monitored. Key Responsibilities
- CMMC & DoD Compliance
Drive CMMC 2.0 Level 2 implementation and readiness for CUI-processing systems.
Implement, validate, track, and remediate NIST SP 800-171 controls, including evidence gathering and POA&M management.
Prepare for DoD assessments and third-party audits by ensuring full control implementation and traceability. - FISMA & Federal Security Requirements
Execute FISMA-aligned activities using NIST SP 800-53 (Moderate baseline).
Support federal authorization efforts, including System Security Plan (SSP) updates, control narratives, evidence validation, and continuous monitoring (ConMon).
Address audit findings and remediate gaps in collaboration with internal stakeholders. - Technical Control Validation
Partner with Engineering, CloudOps, and Security teams to validate technical controls in AWS-regulated environments, covering:- Identity and Access Management (IAM)
- Logging, monitoring, and auditability
- Encryption (at rest and in transit)
- Vulnerability and configuration management
- Incident response and contingency planning
Review technical artifacts (e.g., architecture diagrams, configurations, logs) to confirm audit-ready evidence.
- Risk & Supply Chain Security
Perform security and risk assessments for systems, services, and changes involving CUI.
Conduct third-party/supply chain risk evaluations per DoD and federal standards.
Maintain risk registers, track findings, and manage remediation via POA&Ms.
Required Qualifications
Core Experience
- 6+ years in GRC, cybersecurity compliance, or federal security programs.
- Direct, hands-on experience with CMMC 2.0 Level 2 and/or DoD environments managing CUI.
- Proven collaboration with engineering/DevOps teams on control implementation (beyond advisory roles).
Technical & Framework Expertise
- Strong proficiency in:
- NIST SP 800-171 (protecting CUI)
- NIST SP 800-53 (FISMA Moderate baseline)
- FISMA requirements
- CMMC 2.0 framework
- Demonstrated ability to validate technical security controls in AWS cloud environments.
Documentation & Communication Skills
- Expertise in producing audit-ready documentation, evidence packages, control narratives, and reports tailored to regulated/government audiences.
- Excellent written and verbal communication for cross-functional and executive/government interactions.
Preferred Qualifications
- Prior involvement in CMMC assessments or readiness programs.
- Experience supporting federal Authority to Operate (ATO) or authorization processes.
- Familiarity with CI/CD pipelines and cloud-native architectures.
- Background in defense, government contracting, or highly regulated federal environments.
- Relevant certifications (preferred):
- CMMC Registered Practitioner (RP)
- CISSP, CISM, or CISA
- Cloud security certifications (e.g., AWS Security Specialty)
Recommended Jobs
Financial Analyst, AMR Operations
Imagine what you could do here. At Apple, we quickly turn new ideas into extraordinary products, services, and customer experiences. Bring your vision and dedication to Apple, and there's no telling …
Equipment Sales Representative
ASCO Equipment has a opportunity for an Outside Sales Representatives in the Terrell, TX sales department. The Equipment Sales Representative will be responsible for obtaining and building rela…
Contract Land Analyst
Contract Land Analyst JOB-10045976 Anticipated Start Date 3/9/2026 Location Houston, TX Type of Employment Contract Hire Employer Info Our client is an American…
Physical Therapist
Physical Therapist (PT) – Outpatient Orthopedics Location: Vista Physical Therapy – Dallas (Central) Address: 12228 N. Central Expy., Dallas, TX 75243 Job Type: Full-Time Salary & Incent…
Heavy Equipment Operator
Minimum 5yr experience operating Heavy equipment Class A CDL preferred Experienced in finish blade, front loader, and backhoe operations performing low and high risk excavations. Capable of p…
Arterial Account Manager - Corpus Christi and The Valley - Peripheral Vascular
Arterial Account Manager Peripheral Arterial Disease (PAD) | Artix & LimFlow Portfolio Are you a strategic, clinically savvy sales professional passionate about driving meaningful impact in vas…
Assistant Director of Human Resources
Region: 10 School District/Employer: District Category/Employer: Education Service Center, Position: , …
Senior SQL BI Developer
We are looking for a SQL Business Intelligence (BI) Developer to create and manage BI and analytics solutions that turn data into knowledge. \ \ SQL BI Developer responsible for: \ \ …
Reliability Technician III
We are seeking an experienced mechanical technician to join our Reliability Services team. Join our team as a Reliability Services Technician III, where each day brings a new challenge with a vari…
SAS Business Intelligence Analyst (SAS Viya) (Austin, TX)
Experience : Deep knowledge and experience developing data analysis programs in SAS Viya At least 5 years of business process visualizations, process improvement, and business system analysis. …