GRC Analyst – Public Sector

Socure, Remote - USA

Socure is seeking an Analyst for Governance, Risk, and Compliance (GRC) in the Public Sector to enhance compliance operations and manage vulnerability remediation. The role involves collaboration across various teams to ensure adherence to regulatory standards such as FedRAMP and GovRAMP, focusing on continuous monitoring, access management, and audit readiness.

Qualifications

  • Experience in governance, risk, and compliance operations, particularly in public sector environments.
  • Familiarity with FedRAMP, GovRAMP, and NIST SP 800-53 rev 5 frameworks.
  • Strong understanding of vulnerability management and continuous monitoring processes.
  • Ability to collaborate across multiple teams including Security, Engineering, and IT.
  • Experience in preparing compliance documentation and audit readiness.

Responsibilities

  • Coordinate and execute external Third Party Assessment Organization (3PAO) assessments and respond to auditor requests for evidence.
  • Maintain and update FedRAMP and GovRAMP controls and documentation in alignment with regulatory requirements.
  • Prepare certification and authorization packages and maintain related documentation such as the System Security Plan (SSP).
  • Lead the FedRAMP continuous monitoring process, including the vulnerability management lifecycle.
  • Coordinate recurring compliance activities such as access reviews and incident response exercises.
  • Oversee access controls for FedRAMP environments and conduct quarterly access certifications.
  • Design and deliver FedRAMP training programs to promote compliance awareness.
  • Maintain compliance evidence repositories and audit preparation materials.
