Senior GRC Analyst

Description

The work we do here goes far beyond day-to-day projects - it further protects the US defense industrial base from cyber threats, fosters thought leadership and creates growth opportunities. Our support staff, sales team and technicians are all coming together to make a difference. We also recognize that you're a person with life beyond work, that's why we invest in meaningful health and welfare benefits such as:

• Excellent health/dental benefits from BCBS
• VSP vision benefits
• 401k with company matching
• Unlimited mobile phone plan
• 10 days' vacation, 7 days sick time
• Bonuses and salary increase potential via our certifications plan

Summary

We are seeking a detail-oriented GRC Analyst to join our compliance and risk management team supporting critical defense industrial base (DIB) requirements. This role is essential to our expanding compliance program portfolio, including CMMC Level 2/3, NIST 800-171 R2/R3, ISO 27001:2022, GDPR, and SOC 2 Type II certifications.

Responsibilities

• Continuous Compliance Operations (55%): Evidence Management, ServiceNow GRC Administration, Risk & POA&M Management
• Evidence Management: Collect, organize, and maintain compliance evidence on weekly, monthly, quarterly, and semi-annual schedules across all active frameworks
• ServiceNow GRC Administration: Update and maintain GRC modules including control implementations, risk registers, POA&Ms, and compliance artifacts
• Risk & POA&M Management: Distribute notifications to risk and POA&M owners, track remediation activities, escalate overdue items, and maintain accurate status reporting

Location: Huntsville, AL/Remote Clearance: Desired, not required