
Cyber Security Analyst III – Governance, Risk and Compliance
OSC Global
full-time
Location Type: Remote
Location: United States
Salary
💰 $89,596 - $158,000 per year
About the role
- serve as an experienced practitioner within the organization’s GRC program
- managing NIST RMF lifecycle activities
- conducting risk and control assessments
- coordinating assurance and privacy initiatives for federal information systems
- ensuring security documentation, continuous monitoring and remediation efforts meet FISMA and NIST standards
- supporting ongoing authorization and compliance maturity
- lead system-level RMF activities
- conduct independent risk assessments
- manage POA&M lifecycle
- perform control assurance reviews
- coordinate cloud and third-party compliance assessments
- support privacy compliance
- generate and present risk and compliance status reports
- provide mentorship and guidance to junior analysts
- collaborate across Security, IT and Privacy teams
Requirements
- Bachelor’s degree in Cybersecurity, Information Systems, or related technical discipline
- five (5) years of progressive experience in cybersecurity, including experience supporting or leading FISMA RMF compliance or cybersecurity governance functions
- ability to pass a background and drug screening
- identification compliant with the Real ID Act at time of hire
- able to obtain Department of Energy access badge
- able to obtain and maintain a U.S. government security clearance
- proficiency with GRC platforms (e.g., RegScale, ServiceNow GRC, Archer, eMASS or similar)
- experience coordinating FedRAMP Moderate or High inheritance reviews
- certifications such as CISM, CISA, CAP/CGRC, CRISC or CIPP/US
Benefits
- paid holidays
- paid time off
- 401k with employer match
- dental
- vision
- health insurance plans through the Federal Employee Health Benefits (FEHB) program
- life and disability benefits
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
NIST RMF, risk assessments, control assessments, POA&M management, control assurance reviews, cloud compliance assessments, privacy compliance, security documentation, continuous monitoring, remediation efforts
Soft Skills
mentorship, collaboration, communication
Certifications
CISM, CISA, CAP, CGRC, CRISC, CIPP/US