Analyst, GRC – Public Sector

Job Description:

• Execute and enhance governance, risk, and compliance operations for public sector business.
• Drive measurable improvements in compliance efficiency and audit readiness by managing vulnerability remediation, continuous monitoring, access oversight, and evidence preparation.
• Collaborate across Security, Engineering, IT, DevOps, Product, Legal, and other teams to operationalize regulatory requirements, automate workflows, and shape GRC strategy.
• Coordinate and execute external Third Party Assessment Organization (3PAO) assessments and respond to auditor requests.
• Maintain and update FedRAMP and GovRAMP controls and documentation.
• Lead FedRAMP continuous monitoring process including vulnerability management lifecycle.
• Oversee access controls for FedRAMP environments and design training programs.
• Conduct internal reviews of logged events and control activities, providing status updates.

Requirements:

• 5+ years of cybersecurity or identity management experience, including 1+ year in the public sector.
• Direct experience with FedRAMP, GovRAMP, and NIST frameworks (800-53, 800-63, 800-171).
• Proven ability to manage continuous monitoring, vulnerability remediation, and compliance reporting.
• Experience using AI tools (e.g., ChatGPT, Glean, Gemini) and machine-readable formats (e.g., OSCAL) to automate and streamline compliance processes.
• Strong communication, organization, and collaboration skills with the ability to manage multiple priorities.
• Ability to adapt to changing requirements.
• Must be a U.S. Person (U.S. Citizens or U.S. Permanent Residents) residing in the United States and be able to obtain a U.S. OPM NACI clearance.

Benefits:

• Offers Equity
• Offers Bonus

Apply tot his job Apply To this Job