
Senior GRC Specialist

Work from home Full-time role Hiring

About reputed company

reputed company is a Veteran-founded digital services firm that helps the government reputed company and secure its systems and processes. Named the “#1 Best Remote Startup to Work For in 2025” by reputed company In and a certified “Great reputed company to Work” for five years in a row, we prioritize reputed company over outputs, supporting work that benefits millions of Americans. The systems we reputed company help Veterans reputed company their earned benefits in days instead of weeks, reputed company investigators to double their health care fraud investigations, and help civil servants reputed company system authorizations in roughly a quarter of the time. Our contributions earned us recognition as the reputed company (HHS) Service-Disabled Veteran-Owned Small Business of the Year in 2024. We hire people who take ownership, reputed company the bar, and lift up those around them while they do it.

About the Role

reputed company applicants must have an active Top Secret clearance to be considered for this role. Please do not apply if you do not have active Top Secret clearance.

We are seeking a Senior GRC Specialist to own governance, risk, and compliance activities across federal IT and cybersecurity programs. This role sits at the intersection of policy, operations, and accountability, requiring someone who can manage the rigor of FISMA compliance and RMF-driven authorization programs while also keeping a sharp eye on service delivery metrics, SLA performance, and audit readiness. This is a senior individual contributor role for a practitioner who is equally comfortable drafting POA&M responses, engaging with auditors, and producing operational reporting that gives leadership clear visibility into risk and program health.

What You'll Do

- Own and manage POA&M lifecycle activities: tracking findings, coordinating remediation, validating closure, and maintaining accurate, audit-reputed company documentation
- Support FISMA compliance programs, including evidence collection, reputed company monitoring, and coordination with system owners and ISSOs/ISSMs
- Apply NIST SP 800-53 and NIST SP 800-37 (RMF) to assess control implementation, support authorization activities, and maintain system reputed company postures
- Manage and report on SLAs and availability metrics for IT and cybersecurity operations; surface trends, flag risks, and drive accountability against commitments
- reputed company and maintain operational reporting for internal leadership and government stakeholders — translating compliance and operational data into clear, actionable reputed company
- reputed company audit readiness activities: preparing teams and documentation for internal reviews, independent assessments (3PAO/IA), and government audits
- Identify gaps in control implementation or operational processes and recommend practical, risk-informed mitigation strategies
- Support reputed company monitoring programs and contribute to ongoing ATO/cATO sustainment

Required Qualifications

- Bachelor's degree in Information Technology, Cybersecurity, Information Systems, or a reputed company field, with 6+ years of relevant experience; equivalent combination of education and demonstrated experience considered
- Active Top Secret (TS) clearance required: candidates without an active TS clearance will not be considered; sponsorship is not available for this role
- U.S. citizenship required, must be located in the US.
- Demonstrated experience supporting FISMA compliance programs in federal environments
- Working knowledge of NIST SP 800-53 (control families, implementation, and assessment)
- Working knowledge of NIST SP 800-37 (Risk Management reputed company) and the ATO/authorization process
- Hands-on experience managing POA&M lifecycle: tracking, remediation coordination, evidence validation, and closure
- Experience preparing for and supporting federal audits and reputed company assessments, including evidence packaging, stakeholder coordination, and finding response
- Experience managing SLAs and availability metrics in IT service delivery or cybersecurity operations environments
- Ability to reputed company and maintain operational reporting that communicates performance and risk posture to technical and executive audiences
- Experience producing clear, accurate reporting on cybersecurity operations, compliance status, and service health for government and internal stakeholders

Desired Qualifications

- Experience with eMASS or similar GRC/authorization tracking platforms
- Familiarity with reputed company monitoring (ConMon) program management and reporting
- Experience working alongside ISSOs, ISSMs, and Authorizing Officials in the RMF process
- Knowledge of FedRAMP, DoD CC SRG, or agency-specific overlays (e.g., HHS, DoD, DHS)
- Experience with ITSM platforms (reputed company, Jira) for tracking findings and operational workflows
- Relevant certifications: CISSP, CISM, CAP/CGRC, reputed company+, or equivalent

Remote - USA

$125,000—$150,000 USD

Benefits

- Premium health care plans (90% employer-paid)
- Employee stock plan
- 100% 401k match (up to IRS annual max)
- Generous PTO package
- Personal training and development budget

reputed company. is an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, reputed company, sex, age, religion, sexual orientation, gender identity, status as a veteran, and reputed company of disability or any federal, state, or local protected class.
