Compliance Analyst (GRC/RMF Focused)
Quzara LLC
Job Description
Job Description
Job Title: Compliance Analyst (GRC/RMF Focused)
Pay Type : SALARIED EXEMPT
Location: Hybrid, Washington, DC (DMV Area)
Summary of Position Role/Responsibilities
The Compliance Analyst (GRC/RMF Focused) supports governance, risk, and compliance (GRC) initiatives by developing, maintaining, and managing security documentation and compliance artifacts aligned with federal standards. This role plays a key part in supporting Risk Management Framework (RMF) activities, continuous monitoring, and authorization efforts across federal and regulated environments. This role requires strong expertise in NIST SP 800-53, FISMA, and related guidance, with the ability to translate technical system configurations into clear, audit-ready documentation. The ideal candidate is detail-oriented, organized, and capable of managing multiple compliance workstreams while engaging effectively with both technical and non-technical stakeholders.
Essential Functions of the Job
- Experience authoring and maintaining security documentation, including System Security Plans (SSPs), control implementation statements, policies, and procedures
- Strong knowledge of NIST SP 800-53 Moderate and High baselines and FISMA requirements
- Ability to develop documentation in accordance with Agency-specific security and compliance requirements
- Experience supporting FedRAMP and/or CMMC compliance efforts
- Working understanding of SOC 2 principles and control structures
- Hands-on experience with GRC tools
- Ability to translate technical system configurations into clear, audit-ready documentation
- Experience developing and managing POA&Ms and supporting continuous monitoring activities
- Strong understanding of NIST standards and supporting guidance (e.g., 800-60, 800-37, 800-171, 800-137)
- Ability to engage directly with customers, lead discussions, and clearly communicate requirements to both technical and non-technical stakeholders
- Strong written and verbal communication skills with a focus on clarity and professionalism
- Proven ability to manage multiple priorities and meet strict deadlines in a fast-paced environment
- High attention to detail with strong organizational and documentation management skills
- Proficiency with standard business tools (e.g., Microsoft Word, Excel, SharePoint, Teams)
- Technical proficiency with On Prem environments, Cloud environments, and associated security concepts
- Basic understanding of AI tools and ability to leverage them for documentation development (including effective prompting techniques)
- Ability to work independently while coordinating effectively across internal teams and stakeholders.
Marginal Functions of the Job
- Other duties as assigned
Normal Work Schedule
This is a full-time position. Standard business hours are Monday through Friday 8:30 AM to 5:30 PM. Additional time outside of these hours may be needed to complete the essential functions of the job.
Education, Training, and Experience
- Bachelor’s degree in Cybersecurity, Information Technology, Information Systems, or a related field.
- 3–6+ years of experience in GRC, RMF, or cybersecurity compliance roles within federal or regulated environments.
- Strong knowledge of NIST SP 800-53, FISMA, and supporting NIST guidance (e.g., 800-37, 800-60, 800-171, 800-137).
- Experience supporting FedRAMP, CMMC, and/or SOC 2 compliance efforts.
- Hands-on experience with GRC platforms and compliance tracking tools.
- Technical understanding of on-premise and cloud environments and associated security concepts.
- Proven ability to produce audit-ready documentation and manage compliance artifacts.
- Strong written and verbal communication skills with the ability to clearly convey complex information.
- Demonstrated ability to manage multiple projects and deadlines with strong organizational skills.
- Experience working independently while coordinating across cross-functional teams.
- Must be a U.S. Citizen and eligible to support federal contracting environments.
Preferred Certifications
- CISA (Certified Information Systems Auditor)
- Security+, CISSP, or similar cybersecurity certification
- FedRAMP or RMF-related training or certifications are a plus
EEO Statement
The Company is an Equal Employment Opportunity (EEO) employer and does not discriminate based on race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, veteran's status, or any other basis protected by applicable discrimination laws.
- A federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should have a minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You...Suggested
- ...Governance, Risk, & Compliance (GRC) Analyst Washington, DC Remote Full-Time About This Role As a GRC Analyst, you will help organizations navigate the complex landscape of cybersecurity compliance and risk management. You will work directly with clients to assess their...SuggestedFull timeRemote work
$130k - $180k
...’ll help build a cutting edge security compliance program aligned with FedRAMP, SOC 2, PCI... ...secure and performant service. As a GRC Analyst at Virtru, you will be the primary... ...annual Learning & Development Stipend focused on providing you the resources to continually...SuggestedRemote jobLocal areaFlexible hoursShift work$68.4k - $131.76k
Responsibilities Understand USDS compliance requirements and data security... ...with case management tools or GRC platforms such as JIRA or... ...frameworks: ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, ISO 31000, etc.... ...a subsidiary of TikTok that focuses on governance and protection...SuggestedTemporary work- ...Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable...Suggested
- ...growth. We treat our people like family, we are mission-focused, and we give back! Join us today. Our Financial Management... ...has an immediate need for SIPR Governance, Risk, and Compliance (GRC) & Security Analyst within the U.S. Army’s General Fund Enterprise Business...Work at officeImmediate start
- A leading federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA. This role includes managing governance, risk, and compliance activities to ensure compliance with DoD requirements. The ideal candidate will have at least 10 years of relevant experience...
- ...Analysis, Inc. is looking for a SIPR Governance, Risk, and Compliance (GRC) & Security Analyst in Arlington, Virginia. This role involves managing GRC... ...onsite work and contributes significantly to mission-focused objectives. #J-18808-Ljbffr Systems Planning and Analysis...
$189k - $225k
...The GRC Analyst, Federal & Customer Programs is responsible for the hands‑on analysis, documentation, and operational execution of the company's security governance, risk, and compliance obligations. This role sits at the intersection of customer contracts, regulatory...Ongoing contractContract workFor subcontractorWork at office3 days per week- ...A cybersecurity compliance consulting firm is looking for a GRC Analyst to help organizations manage cybersecurity compliance and risk. This fully remote position involves conducting assessments, developing security policies, supporting compliance audits, and collaborating...Remote work
$86k - $101k
...Payment Network Compliance Analyst (Visa/Mastercard/Discover) Citizens is seeking a Payment Network Compliance Analyst... ...relationships. This is a hands-on, execution-focused role —not a traditional vendor risk/GRC position. The work is case-driven, detail-heavy, and...Work at officeLocal areaRemote workMonday to FridayFlexible hours- ...professional responsible for implementing technical controls and configuration settings. You will work alongside engineers and RMF analysts to support information system security. The ideal candidate should have significant experience in cybersecurity, cybersecurity policy...
$78.9k - $123.3k
...seeking a detail-oriented cybersecurity compliance professional to support system authorization... ...will have experience working with NIST RMF, NIST SP 800-53 controls, security authorization... ..., and governance, risk, and compliance (GRC) platforms. Knowledge of cloud security...Permanent employmentFull timePart timeWork at officeLocal areaRemote work$136k - $197k
Senior Compliance Analyst, Public Sector About the job The Google Compliance team ensures that our... ...(GPS) Governance, Risk and Compliance (GRC) team, you will act as a strategic lead,... ...solutions purpose‑built for enterprises. We focus on helping United States public sector...Temporary workLocal areaFlexible hours- BCG Attorney Search is seeking a mid-level healthcare associate for a law firm in Washington, DC. This role will focus on pharmacy, pharmaceutical supply chain, PBM, and reimbursement matters while addressing complex regulatory and commercial issues. The candidate should...
- ...approach, our employees benefit from programs focused on their professional development and... ....com. Why We Need you! As part of the Compliance and Audit team, you will lead the execution... ...Security Plan) Experience with NIST RMF Experience with POAM (Plan Off Action Milestones...Work at office
$100.2k - $203.4k
SAP GRC (Governance, Risk, and Compliance) Consultant Washington, DC At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose...Local area- Ruleset Security is offering an exciting internship opportunity for a Governance, Risk, and Compliance (GRC) Analyst. This role is perfect for students or recent graduates looking to gain hands‑on experience in cybersecurity, compliance, and risk management. The internship...Remote jobFull timeInternship
- Ruleset Security is offering an exciting internship opportunity for a Governance, Risk, and Compliance (GRC) Analyst. This role is perfect for students or recent graduates looking to gain hands-on experience in cybersecurity, compliance, and risk management. The internship...Full timeInternship
$189k - $225k
Spire is seeking a GRC Analyst in Washington, DC to manage cybersecurity governance, risk, and compliance requirements. This role involves thorough contract analysis, policy support, and cross-functional collaboration. Candidates should have at least five years of experience...Contract work- GoTo Meeting is seeking a GRC Analyst, Federal & Customer Programs, to manage security governance, risk, and compliance obligations. Responsibilities include analyzing contracts, mapping obligations to compliance frameworks, and producing compliance matrices. The ideal...
- Aaratech Inc. is seeking a Cyber Security GRC Analyst to support Governance, Risk, and Compliance (GRC) initiatives. You will help manage security frameworks, support audit readiness, conduct risk assessments, and ensure compliance with industry standards to strengthen...
$54.4k - $120.75k
...Compliance Analyst Commvault is seeking a Compliance Analyst to join our Governance, Risk, and Compliance (GRC) team and play a key role in operating and scaling our global compliance program. Reporting to the Compliance Manager, this is an individual contributor role...- OpenAI is seeking a GRC Program Manager in Washington, DC, to drive ATO processes for FedRAMP and other government clients. This role involves collaborating with engineering teams, creating compliance documentation, and acting as a subject matter expert during audits....Relocation package
- A consulting firm seeks a Security & Compliance Analyst to support various client environments, concentrating on security operations, compliance preparedness, and risk management. This hands-on position involves collaboration with IT leadership to ensure effective maintenance...Remote work
$110k - $130k
...confidence. Role And Responsibilities Interpret cybersecurity compliance requirements and map them to operational, technical, and policy... ...or audit support. CAP, CISSP, CISM, Security+. Experience with GRC tools and federal compliance programs. Ability to brief leadership...For contractors- ...senior-level experience, a strong knowledge of NIST RMF, and demonstrated leadership in managing large,... ...senior Government representatives and ensure compliance with security protocols. A competitive benefits package and focus on employee culture are included. #J-18808-...
$125k - $290k
...employees and encourage them to pursue their ambitions. Weaver focuses on helping people lead balanced, integrated lives, supported... ...Commercial Tax Manager or Senior Manager provides federal tax compliance and planning services to large middle market and public companies...Flexible hours- ...of Columbia Public Schools is seeking an Analyst for the Nonpublic Unit who will manage... ...families and school staff while ensuring compliance with regulations. Qualifications include... ...every student with disabilities through focused initiatives. #J-18808-Ljbffr District of...
- At Nubank, Compliance is a strategic partner—not a tollgate. We view effective Risk Management... ...using a targeted friction approach: we focus on the most relevant regulatory risks... ...We are seeking an experienced Compliance Analyst with 5-8 years of dedicated compliance,...Fixed term contractWork experience placementLocal area
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Compliance Analyst (GRC/RMF Focused). Be the first to apply!
- junior regulatory affairs specialist Washington DC
- regulatory reporting analyst Washington DC
- legal compliance analyst Washington DC
- senior compliance analyst Washington DC
- regulatory compliance specialist Washington DC
- trade compliance specialist Washington DC
- regulatory affairs consultant Washington DC
- regulatory affairs specialist Washington DC
- compliance coordinator Washington DC
- cybersecurity policy and compliance analyst Washington DC

