GRC Analyst

A mid-sized utilities company is looking for a GRC Analyst. Need someone to help with documentation and maturing the program. Need someone to help with policy, risk assessment and light vulnerability management. A mix of OT and IT experience will be a huge plus.

The main thing they need is someone strong in compliance, mainly with GDPR and CMMC. FedRAMP or StateRAMP would be a huge advantage. You will not be designing controls from the ground up, but you will be creating new risk registers and generating assignments for engineers. If you are familiar with GRC, writing policy and risk assessments and worked with common frameworks such as NIST, you would be a good fit.Required Skills & Experience

• 5-7 years of experience in GRC
• Compliance (GDPR, FedRAMP and CMMC)
• Familiarity with common frameworks (NIST, ISO, etc.)
• OT and IT
• Familiar writing policies and performing risk assessments

Desired Skills & Experience

• BA degree in computer science, MIS, cybersecurity
• OR 4+ years working experience in computer science, MIS, cybersecurity
• Background in blue teaming

What You Will Be DoingTech Breakdown

• 80% GRC
• 20% Writing policy

Daily Responsibilities

• 80% Hands On
• 20% Team Collaboration

You will receive the following benefits:

• Medical Insurance
• Dental Benefits
• Vision Benefits
• Paid Time Off (PTO)
• 401(k) {including match- if applicable}

Applicants must be currently authorized to work in the US on a full-time basis now and in the future.

---