Senior GRC Analyst
Job Title: Senior GRC Analyst
Role Summary
We are seeking a Senior GRC Analyst with deep, hands-on expertise in DoD and federal compliance programs, particularly CMMC 2.0 Level 2 and FISMA, in environments handling Controlled Unclassified Information (CUI). This role focuses on implementing, validating, and sustaining NIST SP 800-171 and NIST SP 800-53 controls; maintaining audit and authorization readiness; and collaborating cross-functionally with Engineering, DevOps, Cloud, and Security teams to ensure controls are effectively implemented, evidenced, and continuously monitored. Key Responsibilities
- CMMC & DoD Compliance
Drive CMMC 2.0 Level 2 implementation and readiness for CUI-processing systems.
Implement, validate, track, and remediate NIST SP 800-171 controls, including evidence gathering and POA&M management.
Prepare for DoD assessments and third-party audits by ensuring full control implementation and traceability. - FISMA & Federal Security Requirements
Execute FISMA-aligned activities using NIST SP 800-53 (Moderate baseline).
Support federal authorization efforts, including System Security Plan (SSP) updates, control narratives, evidence validation, and continuous monitoring (ConMon).
Address audit findings and remediate gaps in collaboration with internal stakeholders. - Technical Control Validation
Partner with Engineering, CloudOps, and Security teams to validate technical controls in AWS-regulated environments, covering:- Identity and Access Management (IAM)
- Logging, monitoring, and auditability
- Encryption (at rest and in transit)
- Vulnerability and configuration management
- Incident response and contingency planning
Review technical artifacts (e.g., architecture diagrams, configurations, logs) to confirm audit-ready evidence.
- Risk & Supply Chain Security
Perform security and risk assessments for systems, services, and changes involving CUI.
Conduct third-party/supply chain risk evaluations per DoD and federal standards.
Maintain risk registers, track findings, and manage remediation via POA&Ms.
Required Qualifications
Core Experience
- 6+ years in GRC, cybersecurity compliance, or federal security programs.
- Direct, hands-on experience with CMMC 2.0 Level 2 and/or DoD environments managing CUI.
- Proven collaboration with engineering/DevOps teams on control implementation (beyond advisory roles).
Technical & Framework Expertise
- Strong proficiency in:
- NIST SP 800-171 (protecting CUI)
- NIST SP 800-53 (FISMA Moderate baseline)
- FISMA requirements
- CMMC 2.0 framework
- Demonstrated ability to validate technical security controls in AWS cloud environments.
Documentation & Communication Skills
- Expertise in producing audit-ready documentation, evidence packages, control narratives, and reports tailored to regulated/government audiences.
- Excellent written and verbal communication for cross-functional and executive/government interactions.
Preferred Qualifications
- Prior involvement in CMMC assessments or readiness programs.
- Experience supporting federal Authority to Operate (ATO) or authorization processes.
- Familiarity with CI/CD pipelines and cloud-native architectures.
- Background in defense, government contracting, or highly regulated federal environments.
- Relevant certifications (preferred):
- CMMC Registered Practitioner (RP)
- CISSP, CISM, or CISA
- Cloud security certifications (e.g., AWS Security Specialty)
Recommended Jobs
Extended Stay America El Paso - Airport - Housekeeper
Join Our Team as a Housekeeper! As a Housekeeper, you’re the heartbeat of our hotel and the secret ingredient behind every sparkling guest experience! If you love making spaces shine and take pride i…
Paramedic
We are seeking a full-time Paramedic for our plasma donor clinic in Houston. TX. Job Details: This is a unique role conducting initial health assessments of potential blood donors to ensure the…
Engineer, Project
Come Build Your Career at Aecon! As a North American leader in infrastructure development, Aecon is safely and sustainably building what matters for future generations to thrive! We lead some…
Remote Architecture Tutor - Flexible Hours, Up to $40/HR
An online tutoring platform in McKinney, Texas, is looking for Architecture Tutors to provide personalized online instruction. As a tutor, you will help students master architectural design principles…
Occupational Therapist I - F/T - Ben Taub Hospital
Job Number: 179308, Job Title: Occupational Therapist I - F/T - Ben Taub Hospital, Salary: $35.46 - $46.12 Harris Health System is the public healthcare safety-net provider established in 1966 to s…
Member Service Representative
Job Description Job Description MEMBER SERVICES REPRESENTATIVE Front Desk Associate Part Time or Full Time, Hourly Job Family: Club Staff Location: 4349 Sherwood Way, San Angelo, Tx 769…
Remote Growth & Leadership Coordinator
A leading insurance provider is seeking a driven Remote Client Representative to join their team. This role allows you to work from home while providing meaningful protection for families. Ideal candi…
Soccer Coach
TeachMe.To is the leading peer-to-peer lessons marketplace, on a mission to connect independent Soccer coaches in Amarillo | TeachMe.To with aspiring players. As a fast-growing destination for So…
Housekeeper Supervisor | Luxury High-Rise - Downtown Dallas
LOCATION: Downtown Dallas - Arts District SCHEDULE: Monday - Friday: 9:00 AM - 5:00 PM | *Flexibility to occasionally work on weekends for property events* ABOUT US Worth Ross Management…
Electrical Superintendent
Come Build Your Career at Aecon! Aecon delivers some of the most complex and impactful infrastructure projects — from transformative transportation networks to critical energy, industrial and nuc…