Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

SIPR Governance, Risk, and Compliance (GRC) & Security Specialist

Systems Planning and Analysis, Inc.

Overview Intrepid, an SPA Company, brings more than 20 years of experience supporting the Department of Defense and U.S. Government, consistently setting the standard for excellence in the federal marketplace. Committed to advancing the mission of the U.S. Warfighter, Intrepid leverages technological superiority to deliver innovative solutions across air, space, land, and sea domains. We are proud to foster a collaborative, dynamic work environment, offering competitive compensation and an industry-leading 401k contribution. Our team is built through merit and achievement, and we’re always looking for the best and brightest to join us in our growth. We treat our people like family, we are mission-focused, and we give back! Join us today. Our Financial Management & Business Analysis Portfolio supports the U.S. Army Financial Management Command (USAFMCOM), Systems Support Operations (SSO) Division. We provide effective functional systems support, user technical support, training support, and governance support of the Army’s modernized and deployed FM domain ERP systems (GFEBS / GFEBS-SA / GCSS-A Finance), ensuring technological capabilities maturation and evolution aligns with Army and FM domain goals and objectives. SPA has an immediate need for SIPR Governance, Risk, and Compliance (GRC) & Security Analyst within the U.S. Army’s General Fund Enterprise Business System – Sensitive Activities (GFEBS-SA). This role requires onsite work 5 days a week in customer’s SIPR location. Responsibilities Managing GRC system and its related processes: Manage the full lifecycle of GRC tickets to support user access provisioning. Conduct Segregation of Duties (SOD) Analysis simulations to identify and mitigate potential conflicts before assigning roles. This includes creating mock requests to troubleshoot user-reported issues. Deliver User Support & GRC training to groups of end-users, such as Supervisors and Role Approvers. Guide users in completing 4th Tier Hierarchy worksheets to facilitate security role updates, Developing job aids and process documentation. Working on SAP ECC/BI Security concepts and administration: Execute SAP Transactions. Conducting SAP Role Design & Objects. Gathering functional requirements from business users and translating them into clear, actionable specifications for the SAP Security team. Navigating Audit & Compliance: Participating in multiple cycles of internal and external audits. Facilitating SOC-1 and SOC-2 audits. Conducting Control Examination related to security, availability, processing integrity, and privacy. Responsible for User Access Reviews & Systems: Conducting Critical Access Monitoring (CAM) and engaging directly with end-users. Executing User Reaffirmation cycles, guiding users on removing unnecessary roles and resolving identified SOD conflicts. Managing and resolving incidents in ServiceNow. As part of FSO duties, conducting Physical Security in SCIF: Opening SIPR office space at 0700EST daily or closing SIPR at 1700EST M-F. Creating Visitor Access Requests (VARS) and verifying background clearances. Maintaining sign‑in and sign‑out roster for visitors; monitoring and assisting during on‑site classified meetings. Qualifications Required Qualifications: Active TS clearance 10+ years of position related experience in GRC systems, SAP ECC/BI Security, Audit & Compliance, Critical Access Monitoring. MA/MS degree The candidate must demonstrate mastery of the GRC system and its related processes: Ticket & Workflow Management – Experience managing the full lifecycle of GRC tickets to support user access provisioning. Must be able to articulate the purpose of each stage in the GRC workflow. Segregation of Duties (SOD) Analysis – Experience conducting SOD simulations to identify and mitigate potential conflicts before assigning roles. User Support & Training – Experience delivering GRC training to groups of end‑users. Process Documentation – Experience guide users in completing 4th Tier Hierarchy worksheets to facilitate security role updates. Ability to develop job aids and process documentation (e.g., how to request a FireFighter ID). Issue Resolution – Understand the utilization of GRC "escape paths" to resolve complex access issues. The candidate must have a strong technical foundation in SAP ECC/BI Security concepts and administration. SAP Transactions – Proficiency in executing and understanding the purpose of key SAP transactions, including: SE16n, SU01D, SUIM, SU53, WE02, FMZ3, and SM37. Role Design & Objects – Experience & knowledge of SAP role design (single vs. composite) and a thorough understanding of core authorization objects (e.g., S_TABU_DIS, S_PROGRAM, S_USR_* tables). Requirements Translation – Proven ability to gather functional requirements from business users and translate them into clear, actionable specifications for the SAP Security team. The candidate must be experienced in Audit & Compliance , navigating the demands of both internal and external audits. Audit Participation – Direct experience participating in multiple cycles of internal and external audits, including responding to PBC requests. SOC Audits – Direct experience facilitating SOC‑1 and SOC‑2 audits in a federal environment. Must be able to articulate their specific role, contributions, and challenges faced. Auditor Communication – Adept at discussing Segregation of Duties controls and policies with internal and external auditors. Control Examination – Ability to examine controls related to security, availability, processing integrity, and privacy, and provide concrete examples of evidence supplied for audit reviews. Must be experienced in User Access Reviews & System Proficiency , in cyclical user access reviews and must be proficient in using a help desk system. Critical Access Monitoring (CAM) – Experience with the CAM process, including its purpose, risks, and benefits, as well as engaging directly with end‑users. User Reaffirmation – Proven ability to execute User Reaffirmation cycles, guiding users on removing unnecessary roles and resolving identified SOD conflicts. ServiceNow – Proficiency in using ServiceNow as a help desk ticketing system to manage and resolve incidents. Experience in Physical Security is a plus: Role requires availability to open SIPR office space at 0700EST daily or close SIPR at 1700EST M-F. Experience using DISS: creating Visitor Access Requests (VARS) and verifying background clearances. #J-18808-Ljbffr Systems Planning and Analysis, Inc.

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the SIPR Governance, Risk, and Compliance (GRC) & Security Specialist in Arlington, VA vacancy
  • SPA is seeking a SIPR Governance, Risk, and Compliance (GRC) & Security Analyst in Arlington, Virginia. The role involves managing GRC systems, conducting audits, and providing user support. The ideal candidate will have 10+ years of relevant experience, an active TS clearance... 
    Suggested
    Full time

    SPA

    Arlington, VA
    1 day ago
  • Systems Planning and Analysis, Inc. is looking for a SIPR Governance, Risk, and Compliance (GRC) & Security Analyst in Arlington, Virginia. This role involves managing GRC systems and providing user access provisioning support. Candidates must have over 10 years of relevant... 
    Suggested

    Systems Planning and Analysis, Inc.

    Arlington, VA
    1 day ago
  • salesforce.com, inc. is looking for a Manager of Governance, Risk and Compliance Security Automation in McLean, Virginia. The ideal candidate will drive...  ...should possess 8+ years of relevant knowledge including GRC and software engineering, with demonstrated experience in... 
    Suggested

    salesforce.com, inc.

    Mc Lean, VA
    4 days ago
  • Providge Consulting is seeking a Technical Product Manager specializing in Security & Compliance to support the Governance, Risk, and Compliance (GRC) team within IT. Responsibilities include gathering requirements, developing product roadmaps, managing a product backlog... 
    Suggested
    Full time

    Providge Consulting

    Washington DC
    1 day ago
  •  ...About the Role: Join CFM Partners GRC, Inc. as a Regulatory Compliance Specialist - Content & Product. In this...  ...services professionals in the securities industry. This role focuses on...  ...helps organizations strengthen governance, manage risk, and build a lasting culture of... 
    Suggested
    Work from home
    Flexible hours

    CFM Partners GRC, Inc.

    Washington DC
    3 days ago
  • Appian in McLean, Virginia is seeking an Analyst for the Information Security Trust team. This role involves supporting the governance, risk, and compliance program and ensuring adherence to security policies across the company. The ideal candidate will have a passion for... 
    Work at office

    Appian

    Mc Lean, VA
    4 days ago
  • Tharros is seeking a Senior Security Governance and Policy Analyst to support...  ...governance, policy, compliance, and executive communications...  ...control catalogs, supply chain risk management, AI/ML security considerations...  ...FISMA, CNSSI, NIST 800-53, GRC processes, security control... 
    Work at office

    ANALYGENCE

    Washington DC
    1 day ago
  •  ...accomplishing hard things, together. As an Analyst on the Information Security Trust team, you will support the implementation of a continuously evolving governance, risk, and compliance program (GRC) supporting our enterprise and products. In this role, you will help... 
    Work at office
    Local area

    Appian

    Mc Lean, VA
    4 days ago
  • $100k - $140k

     ...Job Description Job Description Dark Wolf's Google Cloud Security Governance, Risk, and Compliance (GRC) Consultants are the Subject Matter Experts (SMEs) responsible for applying the National Institute of Standards and Technology (NIST) Risk Management Framework... 
    Full time
    For contractors

    Dark Wolf Solutions

    Herndon, VA
    25 days ago
  • Job Title: Technical Product Manager - Security & Compliance Industry: Information Technology Location: Onsite, Washington,...  ...specializing in Security & Compliance to support the Governance, Risk and Compliance (GRC) team within the IT division at the client. This team... 
    Full time
    Contract work
    Temporary work

    Providge Consulting

    Washington DC
    21 hours ago
  • Bart & Associates, Inc. is seeking an experienced SAP GRC & Security Specialist in McLean, Virginia. This role is responsible for designing, implementing, and managing governance, risk, and compliance solutions across SAP environments. Key responsibilities include maintaining... 

    Bart & Associates, Inc.

    Mc Lean, VA
    1 day ago
  • Job Summary B&A is seeking an experienced SAP GRC & Security Specialist to design, implement, and manage governance, risk, and compliance (GRC) and security solutions across SAP environments. This role is responsible for ensuring regulatory compliance, enforcing security... 
    Full time
    Local area

    Bart & Associates, Inc.

    Mc Lean, VA
    1 day ago
  • Accenture Federal Services is seeking a SAP Security Consultant to deliver full lifecycle security support across ECC, S/4HANA, BW on HANA...  ..., ongoing authorization management, and alignment with GRC, BRF+, and MSMP workflows. U.S. citizenship is required and the... 

    Accenture Federal Services

    Washington DC
    1 day ago
  •  ...Chief Information Security Officer (CISO) As the #1 leader in hospitality worldwide...  ...enterprise-wide information security, governance, risk, compliance and trust strategy to protect the...  ...Program, Governance, Risk, and Compliance (GRC), Identity and Access Management (IAM)... 
    Worldwide

    Marriott International Inc

    Silver Spring, MD
    1 day ago
  • CGI Njoyn is seeking a Senior SAP Application Security and GRC Analyst in Fairfax, Virginia. This role involves leading security measures...  ...during an SAP S/4HANA implementation project for a significant government contract. Applicants must have at least 9 years of SAP... 
    Contract work

    CGI Njoyn

    Fairfax, VA
    4 days ago
  •  ...Time Title SAP Application Security and GRC Analyst (Sr.) - U.S. Citizenship...  ...project for a large government contract. The candidate will...  ...continuous improvement and risk mitigation. Oversee security...  ...copies, and refreshes, ensuring compliance with security protocols. Conduct... 
    Permanent employment
    Full time
    Contract work
    Work at office
    Local area

    CGI Njoyn

    Fairfax, VA
    4 days ago
  • $105k - $115k

     ...hiring a Senior Information Security Analyst. This is a full-...  ...with regards to the Risk Management Framework (RMF...  ...InfoSec initiatives including compliance, awareness and training,...  ...Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an... 
    Full time
    Contract work
    Work at office
    Remote work
    Flexible hours

    Data Systems Analysts, Inc.

    Fairfax, VA
    1 day ago
  • Security Specialist II - Risk Assessment Specialist Type: Full Time Location: Washington, DC Overtime Exempt: No Reports To: ARMADA HQ Security...  .... ARMADA complies with applicable state and local laws governing non-discrimination in employment in every location in... 
    Full time
    For contractors
    Local area
    Relocation

    ARMADA, Ltd.

    Washington DC
    21 hours ago
  • A security management company based in Arlington, VA is seeking a Mid-Senior level Security Operations Physical Security Specialist. This full-time position involves conducting assessments for the...  ...provided. #J-18808-Ljbffr Watermark Risk Management International, LLC
    Full time

    Watermark Risk Management International, LLC

    Arlington, VA
    2 days ago
  • A security services company is hiring a Security Specialist II - Risk Assessment Specialist in Washington, DC. This full-time role requires managing the Position Description database, conducting Risk Designation assessments, and maintaining accurate contractor information... 
    Full time
    For contractors

    ARMADA, Ltd.

    Washington DC
    21 hours ago
  •  ...Security Specialist (Personnel Security) Advanced Decision Vectors, LLC...  ...not limited to ensuring USSF compliance with SCI/SAP security...  ...Conducting SAP Indoctrinations to government customers approved for...  ...access requests such as NIPR, SIPR, JWICS. Knowledge of In-... 
    Temporary work
    For contractors
    Work at office
    Remote work
    Flexible hours

    ADVANCED DECISION VECTORS, LLC

    Washington DC
    3 days ago
  • $129.99k - $149.48k

     ...where your expertise in cybersecurity controls, risk management, and compliance helps organizations securely deliver impactful services? Job Code: PRO-...  ...Ripple Effect is seeking 2 highly skilled Security Specialists to support our client’s mission by strengthening... 
    Full time
    Work at office
    Remote work
    Flexible hours

    Ripple Effect

    Bethesda, MD
    1 day ago
  • $140k - $190k

    Security, Risk and Compliance Consultant Washington, District of Columbia, United States WHO WE LOOK FOR...  ...Familiarity or direct experience with GRC/Cybersecurity solutions, tools and...  ...or projects with military or federal government agencies in Risk, Compliance or Information... 
    Permanent employment

    SEI

    Washington DC
    1 day ago
  • $84.9k - $160.2k

    Accenture Federal Services is seeking an SAP Application Security Specialist in Washington, D.C., responsible for User Management functions, including user role creations, changes, and audits. Candidates should have at least 6 months of relevant SAP experience, specifically... 

    Accenture Federal Services

    Washington DC
    1 day ago
  • $161k - $175k

     ...landmark decisions on previously untried issues involving antitrust, securities, consumer rights, civil rights, employee benefits, human...  ...of the federal securities laws, and work to reform corporate governance through shareholder derivative suits. We represent investors in... 
    Work at office

    Theuniversityunion

    Washington DC
    21 hours ago
  • The Washington, DC office seeks a mid-level corporate & securities associate with 2-3 years of experience in a broad range of corporate...  ...securities matters, including public company advisory work, corporate governance, and capital markets financings. Responsibilities include... 
    Work at office

    Hogan Lovells

    Washington DC
    2 days ago
  • Security Assistance Coordinators (Mid-Level and Junior-Level) Office of Security Assistance Support Project, Washington, DC About Social...  ...across all development sectors, including democracy and governance, health and education, the environment, and economic growth. Since... 
    Full time
    Contract work
    For contractors
    Work experience placement
    Interim role
    Work at office

    International Executive Service Corps

    Washington DC
    4 days ago
  • Unison is seeking a Security Governance Manager in Washington D.C. to oversee critical federal authorizations and compliance operations. You will lead security governance and ensure the...  ...ideal candidate will have over 6 years in GRC and strong hands-on FedRAMP experience.... 
    Remote job
    Work at office

    Unison

    Washington DC
    21 hours ago
  • $155k - $190k

     ...power the business of government to work smoother and smarter...  ...through friction, keep compliance airtight, and sharpen...  ...: Unison is hiring a Security Governance Manager to...  ...leadership role for a GRC practitioner who treats...  ...and annual deliverables, risk documentation, remediation... 
    Remote job
    Contract work
    For contractors
    Work at office
    Local area
    Worldwide

    Unison

    Washington DC
    21 hours ago
  • $170k - $230k

     ...associated complexity and risks. We are an end‑to‑end...  ...Oil & Gas, and National Security. About The Role As the Senior...  ...will own the strategic governance backbone of Trase's Security and Compliance program, implementing...  ...champion of our broader GRC functions (e.g., risk management... 
    Shift work

    Trase

    Mc Lean, VA
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to SIPR Governance, Risk, and Compliance (GRC) & Security Specialist. Be the first to apply!