Support a state government information security program by developing and tracking implementation plans, conducting audits, and managing remediation processes. Build and maintain policies, procedures, and documentation to ensure compliance with NIST 800-53 and other standards. Requires 10+ years of experience, strong GRC tool proficiency, and full background clearance.
Key Highlights
Key Responsibilities
Technical Skills Required
Benefits & Perks
Nice to Have
Job Description
Senior Information Security GRC Analyst
We're hiring a Senior Information Security GRC Analyst to support a state government information security program. It's a one-year contract with possible extension, 100% remote on EST hours. If you're near Columbia, SC and can make the occasional onsite meeting, that's a plus, but not required.
A few things up front so nobody wastes time: this is a W2 role only (no C2C or third parties), and it's open to U.S. Citizens and Green Card holders only. Heads up that there's a full background check (7-year, credit, MVR, E-Verify, state check) and CJIS certification after you start.
What you'll do:
- Sit down with agency business and technical owners to pin down the policies and procedures behind each process
- Build and track information security implementation plans and keep progress moving
- Review agency documentation and assess whether it actually meets the required controls
- Turn what you learn from interviews and document reviews into formal process and procedure write-ups
- Work POA&M / CAP remediation and track items to closure
Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.
Required:
- 10+ years in information security and compliance
- 2+ years running security audits against a standard control set (as an auditor or responding ISSO)
- Strong working knowledge of NIST 800-53 (2+ years)
- Hands-on POA&M or CAP experience
- 3+ years using a GRC tool (Archer or similar)
- Strong communication skills
- A complete, verifiable bachelor's degree
Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.
Preferred:
- You've built out an information security plan or system security plan (SSP) notebook
- You've managed multiple infosec efforts at once
- Familiarity with IRS 1075, HIPAA, CJIS, MARS-E and/or PCI-DSS
- Government or public-sector experience
- CISA, GSLC, or equivalent certification
Similar Jobs
Explore other opportunities that match your interests
hiring our heroes
Ringside Talent
