Raft

GRC Analyst

Join Raft as a GRC Analyst in Reston, VA. Leverage ServiceNow for risk assessments and compliance. 2+ years in GRC, strong communication skills required. Competitive benefits!

Department: Consulting
Job Level: Entry Level
ServiceNow Role Type:
ServiceNow Modules: Governance, Risk, and Compliance; Incident Management
ServiceNow Certifications (nice to have):

Job description

Posted on: April 22, 2025

We are looking for an experienced Governance, Risk, and Compliance (GRC) Analyst to support our customers and join our passionate team of high-impact problem solvers. The role will involve shaping and enforcing our cybersecurity frameworks in alignment with federal policies and mandates.

Requirements

  • Minimum of 2 years' experience in an ISSO or other GRC-related role supporting DoD programs at various classification levels
  • Experience with NIST Special Publications such as NIST SP 800-53 & 800-171, FedRAMP, and/or CMMC
  • Understanding of the various DoD impact levels & related compliance requirements for each level
  • Experience with GRC tools such as ServiceNow, XACTA, eMASS, Archer, or SAP
  • Proficient in conducting risk assessments, audits, and compliance monitoring within federal government environments
  • Understanding of and experience with SIEM tools such as Splunk, Grafana, or ELK
  • Experience managing GRC work for both on-prem & cloud-based systems & networks
  • Experience conducting internal self-assessments and audits with external assessors
  • Understanding of common cybersecurity tools and technologies such as vulnerability & compliance scanners, static & dynamic code analyzers, DLP, IDS, etc.
  • Excellent communication skills with the ability to convey complex cybersecurity and compliance concepts, controls, & risk scenarios to technical and non-technical stakeholders
  • Ability to translate GRC requirements into business risks and present to technical & non-technical Senior Leadership
  • Ability to collaborate with and advise business units on governance structures and operational adjustments needed to align with governance frameworks
  • Ability to identify gaps or conflicts in current policies and processes and work to develop solutions with internal business units
  • Have or can obtain CompTIA Security+ or other DoD 8570 IAM Level I or higher certification within the first 90 days of employment with Raft
  • Highly preferred: Bachelor’s degree in Cybersecurity, Information Assurance, Information Technology, or a related field
  • Industry certifications such as: CISSP, CISA, CISM, CGRC, PMI-RMP
  • Ability to manage cross-functional teams and drive deliverables to completion
  • Experience in developing and delivering cybersecurity training and awareness programs
  • Clearance Requirements: Able to maintain a Top Secret/SCI Security clearance

Benefits

  • Highly competitive salary
  • Fully covered healthcare, dental, and vision coverage
  • 401(k) and company match
  • Unlimited PTO + 11 paid holidays
  • Education & training benefits
  • Annual budget for your tech/gadget needs
  • Monthly box of yummy snacks to eat while doing meaningful work
  • Remote, hybrid, and flexible work options
  • Team off-site in fun places!
  • Generous Referral Bonuses
  • And More!

Requirements Summary

2+ years of experience in GRC-related roles, proficiency in risk assessments, audits, and compliance monitoring, and excellent communication skills