GRC Analyst (NIST 800-53 / Audit & Compliance)

Job Description

This individual will support the organization's governance, risk, and compliance initiatives, with a strong focus on audit readiness and ongoing compliance validation. They will work closely with the vulnerability management team to validate scan outputs, ensuring accuracy in reporting, timeline adherence, and proper documentation of compliance status. A large portion of the role will involve supporting audit-related activities, including reviewing and validating evidence, tracking audit findings, and preparing documentation for submission to external assessors (including 3PAOs). The analyst will also play a key role in ensuring alignment with NIST 800-53 controls, helping interpret requirements and validate that proper controls are being met. The role requires strong organizational and analytical skills, as much of the work is currently managed in Excel-based tracking systems. This individual must be comfortable working in a structured, compliance-driven environment and capable of handling detailed validation work while collaborating with cross-functional teams to meet audit and regulatory requirements.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to View email address on jobs.institutedata.com learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:

Skills and Requirements

• Active or recent Public Trust (Tier 1/Tier 2) or Secret clearance

• 3+ years of professional experience as a GRC Analyst

• Strong experience working with NIST 800-53 controls

• Advanced proficiency in Excel

• Ability to interpret and apply security control frameworks

• Background in audit support, evidence collection, and compliance validation

• Strong attention to detail with ability to validate data and ensure accuracy

• Excellent communication skills with ability to work cross-functionally - Experience supporting federal or government clients

• Familiarity with 3PAO audits or similar assessment processes

• Experience working alongside vulnerability management or security operations teams