Position Overview:

We are seeking a Senior GRC Specialist to design, implement, and manage governance, risk, and compliance initiatives for a mission-critical cybersecurity program. This role plays a key part in maintaining regulatory compliance, reducing organizational risk, and promoting a strong cybersecurity posture across the enterprise.

Key Responsibilities:

• Develop and maintain the organization's GRC frameworks in alignment with NIST, ISO, HIPAA, and other applicable standards

• Conduct internal audits, risk assessments, and gap analyses

• Create, update, and enforce security policies, procedures, and controls

• Advise executive leadership on governance and risk mitigation strategies

• Support compliance reporting and documentation for regulatory bodies and audits

• Coordinate and deliver cybersecurity awareness and compliance training across teams

• Monitor compliance program performance and recommend improvements

• Collaborate with internal teams to ensure risk-aware operations and adherence to best practices

Requirements:

• Bachelor’s degree in Cybersecurity, Information Systems, or a related field

• 5+ years of experience in GRC or cybersecurity compliance, preferably in government or regulated environments

• Strong knowledge of NIST 800-53, ISO/IEC 27001, FISMA, and HIPAA frameworks

• Professional certifications such as CISA, CIPM, CISM, or CRISC required

• Experience with risk management tools, audit preparation, and policy development

• Familiarity with federal compliance programs (e.g., FedRAMP, FIPS, FISMA)

• Willing to use Government Furnished Equipment (GFE)

• TSC or eligibility for a security clearance is a plus

Benefits:

• Competitive salary and benefits

• Relocation assistance

• Paid vacation and holidays

• Health, dental, and vision insurance

• Training and certification support for continued career development