Climb Channel Solutions NA

Senior GRC Analyst

full-time

Location Type: Remote

Location: United States

About the role

  • Enforce cybersecurity Process Risk and Control frameworks that are rationalized against applicable laws and standards.
  • Support FedRAMP Moderate and/or High authorization and ongoing compliance:
      o Coordinate with 3PAOs, sponsoring agencies, and internal stakeholders during initial assessment.
      o Assist in developing and maintaining FedRAMP-required documentation.
      o Coordinate evidence collection for RAR, SAR, and continuous monitoring.
      o Track security control implementation with engineering and IT teams.
      o Maintain and update the POA&M and remediation timelines.
      o Help manage ongoing FedRAMP continuous monitoring activities (e.g., monthly scans, annual assessments).
  • Perform cybersecurity risk assessments and maturity assessments.
  • Conduct control readiness assessments to evaluate design, implementation, and effectiveness.
  • Execute strategy for improving efficiency and ensuring organizational procedure alignment to maintain compliance with industry standards.
  • Lead continuous control monitoring activities using GRC and compliance automation platforms.
  • Function as a trusted advisor for business partners on the design and effective operation of controls.

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, Business Administration, or a related field.
  • 7+ years of relevant work experience.
  • Working knowledge of FedRAMP requirements, including:
      o NIST SP 800-53 Rev. 5 or FedRAMP 20x security controls
      o FedRAMP Moderate or High Baseline
      o FedRAMP PMO processes (Readiness Assessment, 3PAO interactions, ATO phases)
  • Understanding of federal cybersecurity frameworks (NIST 800-37 RMF, FIPS 199/200, etc.)
  • Experience in creating or maintaining System Security Plans (SSPs); policies, procedures, and SOPs; control implementation statements; and POA&Ms (Plans of Action & Milestones).
  • Experience supporting SOC 1, SOC 2, and PCI-DSS audits for cloud-based services.
  • Strong verbal and written communication, analytical and people skills.

Benefits

  • Healthcare insurance
  • Pension/retirement matching
  • Comprehensive life insurance
  • Employee assistance program
  • Time off plans
  • Paid company holidays

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurity, FedRAMP, NIST SP 800-53, NIST 800-37 RMF, FIPS 199, System Security Plans (SSPs), Policies, procedures, SOC 1, SOC 2

Soft Skills

communication, analytical skills, people skills, leadership, organizational skills