GRC Analyst

6 days ago


Santa Monica CA United States 1872 Consulting Full time
GRC Analyst
DoD / DIA / Government Focus - Top Secret Clearance is Required
Santa Monica, CA - Hybrid onsite 2-3 days per week

Summary:
The GRC Analyst is responsible for helping to provide compliance and oversight of all our Corporation's Authorization and Accreditation (A&A) requirements as it relates to our government business including but not limited to DIA, DoD, DCSA, etc.

Additionally, the position manages the Sensitive Compartmentalized Information (SCI) and Special Access Program (SAP) Information Systems (IS) to ensure that all classified IS remain accredited by partnering with Security, IT and other teams.

Responsibilities:
  • Implements, monitors, and maintains the ICDs, our Security Manual and procedures, DoD and other applicable government sponsor regulations for SCI/SAP and collateral systems
  • Enforces corporate policies to support ICD, and other CI standards
  • Enforces compliance with current Security Technical Implementation Guides (STIGs) for all applicable systems
  • Interfaces with and supports clients in the operation and security of the classified systems
  • Assist the ISSM in establishing, communicating, and improving the collateral and SCI/SAP Information Systems (IS) Security Program
  • Responsible for the preparation and sustainment for internal self-inspections, DIA and other government inspections
  • Assesses changes by performing periodic self-inspections, tests and reviews of the classified IS program to ensure that systems are operating as authorized/accredited and that conditions have not changed
  • Participates in the planning, installation, implementation, upgrade, problem determination and resolution involving software programs, operating systems, computers, printers, scanners, etc. for collateral and SCI/SAP systems. Provides budget requirements to the ISSM for the sustainment of the collateral SCI/SAP systems.
  • Ensures protocols are followed for the investigation(s) and resolution of security incidents
  • Performs weekly audits and ensures administrative inquiries/investigations into anomalies found during audit trail analysis are reported to the ISSM for follow on actions
  • Collaborates with the system and network administrators to ensure audit features are configured and enabled correctly
  • Develops and implements the System Security Plans (SSP) and addendums for the facility
  • Performs other duties as assigned

Requirements:
  • Must hold and maintain a Top-Secret security clearance and SCI/program eligibility
  • 4+ years' experience in Information Technology, preferably in a classified environment
  • Must have and maintain a DoD 8570.01-M - IAM level 1 certification (Security+, GSLC, CISM, or CISSP)
  • Possesses working knowledge of the DoD, DISA, ICDs and associated IC security regulations, policies, STIGs and laws

Nice to haves:
  • Knowledge of DIA and other federal government network security processes and procedures
  • Familiarity with encryption technologies, forensics, penetration and vulnerability analysis of various security technologies and information technology security research
#J-18808-Ljbffr
  • GRC Analyst

    6 days ago


    Santa Monica, United States 1872 Consulting Full time

    GRC Analyst DoD / DIA / Government Focus - Top Secret Clearance is Required Santa Monica, CA - Hybrid onsite 2-3 days per week Summary: The GRC Analyst is responsible for helping to provide compliance and oversight of all our Corporation's Authorization and Accreditation (A&A) requirements as it relates to our government business including but not limited to...

  • GRC Analyst

    1 month ago


    Shelton, CT, United States Ovise Full time

    Ovise is exclusively partnered with one of the largest restaurant and franchisee brands in the world! They are looking to build out their GRC function, and as a GRC analyst, you will be directly involved with this initiative.The GRC Analyst will be responsible for assessing, managing, and mitigating risks related to an organization's information assets. This...

  • GRC Analyst

    6 days ago


    Seattle, WA, United States Facebook Full time

    Summary: Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram, and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality...

  • GRC Analyst

    7 days ago


    Orlando, FL, United States Insight Global Full time

    Job Summary: Insight Global is seeking a highly motivated and detail-oriented GRC Analyst to join our Information Security team. The GRC Analyst will be responsible for supporting the development, implementation, and management of governance, risk, and compliance programs to ensure the security and integrity of our information systems and data.Key...


  • McLean, VA, United States Convergenz Full time

    Risk / GRC Analyst - Capital Markets and Mortgage RequiredEnsuring they are compliant with Mortgage and Capital Markets guidelines. Risk assessments on a quarterly bases, issue remediation- helping team on incident write ups, operational breakdown, control testing, adhoc projects- process documentation, helping with Gap Assessments. More on compliance /...

  • Senior GRC Analyst

    1 month ago


    Overland, MO, United States Clayco Full time

    About UsClayco is a full-service, turnkey real estate development, master planning, architecture, engineering, and construction firm that safely delivers clients across North America the highest quality solutions on time, on budget, and above and beyond expectations. With $5.8 billion in revenue for 2023, Clayco specializes in the "art and science of...

  • Senior GRC Analyst

    1 month ago


    New York, NY, United States Cantor Fitzgerald Full time

    The Information Security-GRC (Governance Risk and Compliance) Team is looking for an experienced risk and compliance professional to help drive the efforts across Cybersecurity controls framework initiatives, such as user access recertification, policy management, vendor assessment and client due diligence. This role will also be responsible furthering...


  • Dallas, TX, United States Technology Recruiting Solutions Full time

    Sr. IT Security Compliance AnalystLeading Central North Dallas company has an immediate need for a Sr. IT Security Compliance Analyst. This role will develop, implement and audit IT security governance and risk management functions to ensure compliance with established internal controls, regulatory and legal requirements, policies, and standards.Requirements...

  • IT Risk Analyst

    1 month ago


    Spring, TX, United States Insight Global Full time

    This is a 6 month contract to hire. Hybrid onsite schedule - Tuesday, Wednesday & Thursday onsite in Spring, Texas.JOB DESCRIPTIONA global maritime classification company is seeking a Cyber Security Risk Analyst to join their Risk and Vulnerability organization in the Spring/Woodlands, TX area. The risk assessor will be responsible for ensuring information...

  • Privacy Analyst

    6 days ago


    Chicago, IL, United States 1872 Consulting Full time

    Privacy Analyst Chicago, IL (loop) Summary: The Privacy Analyst focuses on the day-to-day tasks to help build the program. They will be responsible for risk assessments and client privacy impact assessments to be done in coordination with the IT security team. They will consult some of our internal Attorneys as a resource who are SME on HIPPA and Privacy and...


  • city of white plains, NY, United States Ampcus, Inc Full time

    Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. We are in search of a highly motivated candidate to join our talented Team. Job Title: SAP Security Analyst Location(s): White plains, NY * Contribute to implementation of system/role/user/process compliance controls using SAP Standard...


  • Oakland, CA, United States PG&E Corporation Full time

    Requisition ID # 158845 Job Category: Information Technology Job Level: Manager/Principal Business Unit: Information Technology Work Type: Hybrid Job Location: Oakland Department Overview Information Systems Technology Services is a unified organization comprised of various departments that collaborate effectively to deliver high-quality technology...


  • Rockville, MD, United States Scubyt Full time

    Title: HIPAA Security AnalystLocation: Rockville, MD (ONSITE)Start date— ASAPDuration – One contractor for approximately 6-9 monthsLocals preferred100% Remote for right candidateTHE ASSIGNMENT OF WORK IS CONTINGENT UPON:Selection of an acceptable task order proposal resulting from this task order proposalRequest.Selected candidate may be required to...


  • Hicksville, NY, United States Flagstar Bank Full time

    Pay Range: 64K -102K JOB SUMMARY Flagstar Bank, N.A is committed to delivering exceptional banking services while adhering to industry best practices and regulatory expectations around risk management and compliance. We are looking for an Issue Management Analyst to join our Enterprise Risk Management team in the Risk Management Division to support the...


  • Washington, DC, United States TalentRemedy Full time

    As a member of the Information Security Incident Response team, the Sr. Information Security Analyst– Incident Response will coordinate the response activities for cyber security incidents across the corporate environment. You’ll focus on reviewing, triaging, analyzing, remediating, and reporting on cyber security incidents. As the Sr. Information...


  • Exton, PA, United States Citadel Federal Credit Union Full time

    Job Overview The Senior Enterprise Risk Analyst is expected to leverage their subject matter expertise in risk management when acting as business partner to our colleagues in the first line of responsibility, performing their daily Risk & Control Activities (RCA) in accordance with company policy and procedures. The selected candidate will assist in the...


  • Richmond, VA, United States FedTec Full time

    FedTec Overview:FedTec is a Woman-Owned Small Business with headquarters in Reston, VA. However, FedTec is more than just a company – we are a dedicated team of visionary individuals who understand the power of transformation. With our unwavering commitment to innovative technology and forward-focused methods, we empower government agencies to fulfill...

  • Software Engineer OH

    4 weeks ago


    Cleveland, OH, United States TalentBurst Full time

    Title: Archer GRC consultant Duration: 6+ Months Location: Remote Contract to hire strongly desired Archer GRC Integrated Risk Management Configuration/Development experience in on prem software required. Job Description Summary With little to no supervision from PM can perform the following: Design - Write design for programs, files and system working with...


  • New York, NY, United States Flagstar Bank Full time

    Pay Range: 112- 140K JOB SUMMARY As a key member of the second line of defense Technology, Cyber, Third Party Risk Management & Resilience Risk Management team, the Technology Risk Senior Analyst will support the Technology Risk team to fulfill the Bank’s Second Line of Defense (“2LoD”) mandate to identify, measure, monitor, and manage the Information...


  • Merrimack, NH, United States Fidelity Investments Full time

    Job Description:FFIO Senior Tech Risk AnalystDo you want to join a team focused on developing Next-Gen capabilities in Technology Risk? The Technology Risk team for Fidelity Fund and Investment Operations (FFIO) within Enterprise Technology Risk & Analytics (ETRA) group is seeking a passionate, driven, and experienced professional to join the team. You...