Execute and enhance governance, risk, and compliance operations for public sector business.
Drive measurable improvements in compliance efficiency and audit readiness by managing vulnerability remediation, continuous monitoring, access oversight, and evidence preparation.
Collaborate across Security, Engineering, IT, DevOps, Product, Legal, and other teams to operationalize regulatory requirements, automate workflows, and shape GRC strategy.
Coordinate and execute external Third Party Assessment Organization (3PAO) assessments and respond to auditor requests.
Maintain and update FedRAMP and GovRAMP controls and documentation.
Lead FedRAMP continuous monitoring process including vulnerability management lifecycle.
Oversee access controls for FedRAMP environments and design training programs.
Conduct internal reviews of logged events and control activities, providing status updates.

5+ years of cybersecurity or identity management experience, including 1+ year in the public sector.
Direct experience with FedRAMP, GovRAMP, and NIST frameworks (800-53, 800-63, 800-171).
Proven ability to manage continuous monitoring, vulnerability remediation, and compliance reporting.
Experience using AI tools (e.g., ChatGPT, Glean, Gemini) and machine-readable formats (e.g., OSCAL) to automate and streamline compliance processes.
Strong communication, organization, and collaboration skills with the ability to manage multiple priorities.
Ability to adapt to changing requirements.
Must be a U.S. Person (U.S. Citizens or U.S. Permanent Residents) residing in the United States and be able to obtain a U.S. OPM NACI clearance.

Analyst, GRC – Public Sector

Similar Jobs