Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Compliance Analyst (GRC/RMF Focused)

Quzara LLC

Job Description

Job Description

Job Title: Compliance Analyst (GRC/RMF Focused)

Pay Type : SALARIED EXEMPT

Location: Hybrid, Washington, DC (DMV Area)

Summary of Position Role/Responsibilities

The Compliance Analyst (GRC/RMF Focused) supports governance, risk, and compliance (GRC) initiatives by developing, maintaining, and managing security documentation and compliance artifacts aligned with federal standards. This role plays a key part in supporting Risk Management Framework (RMF) activities, continuous monitoring, and authorization efforts across federal and regulated environments. This role requires strong expertise in NIST SP 800-53, FISMA, and related guidance, with the ability to translate technical system configurations into clear, audit-ready documentation. The ideal candidate is detail-oriented, organized, and capable of managing multiple compliance workstreams while engaging effectively with both technical and non-technical stakeholders.

Essential Functions of the Job

  • Experience authoring and maintaining security documentation, including System Security Plans (SSPs), control implementation statements, policies, and procedures
  • Strong knowledge of NIST SP 800-53 Moderate and High baselines and FISMA requirements
  • Ability to develop documentation in accordance with Agency-specific security and compliance requirements
  • Experience supporting FedRAMP and/or CMMC compliance efforts
  • Working understanding of SOC 2 principles and control structures
  • Hands-on experience with GRC tools
  • Ability to translate technical system configurations into clear, audit-ready documentation
  • Experience developing and managing POA&Ms and supporting continuous monitoring activities
  • Strong understanding of NIST standards and supporting guidance (e.g., 800-60, 800-37, 800-171, 800-137)
  • Ability to engage directly with customers, lead discussions, and clearly communicate requirements to both technical and non-technical stakeholders
  • Strong written and verbal communication skills with a focus on clarity and professionalism
  • Proven ability to manage multiple priorities and meet strict deadlines in a fast-paced environment
  • High attention to detail with strong organizational and documentation management skills
  • Proficiency with standard business tools (e.g., Microsoft Word, Excel, SharePoint, Teams)
  • Technical proficiency with On Prem environments, Cloud environments, and associated security concepts
  • Basic understanding of AI tools and ability to leverage them for documentation development (including effective prompting techniques)
  • Ability to work independently while coordinating effectively across internal teams and stakeholders.

Marginal Functions of the Job

  • Other duties as assigned

Normal Work Schedule

This is a full-time position. Standard business hours are Monday through Friday 8:30 AM to 5:30 PM. Additional time outside of these hours may be needed to complete the essential functions of the job.

Education, Training, and Experience

  • Bachelor’s degree in Cybersecurity, Information Technology, Information Systems, or a related field.
  • 3–6+ years of experience in GRC, RMF, or cybersecurity compliance roles within federal or regulated environments.
  • Strong knowledge of NIST SP 800-53, FISMA, and supporting NIST guidance (e.g., 800-37, 800-60, 800-171, 800-137).
  • Experience supporting FedRAMP, CMMC, and/or SOC 2 compliance efforts.
  • Hands-on experience with GRC platforms and compliance tracking tools.
  • Technical understanding of on-premise and cloud environments and associated security concepts.
  • Proven ability to produce audit-ready documentation and manage compliance artifacts.
  • Strong written and verbal communication skills with the ability to clearly convey complex information.
  • Demonstrated ability to manage multiple projects and deadlines with strong organizational skills.
  • Experience working independently while coordinating across cross-functional teams.
  • Must be a U.S. Citizen and eligible to support federal contracting environments.

Preferred Certifications

  • CISA (Certified Information Systems Auditor)
  • Security+, CISSP, or similar cybersecurity certification
  • FedRAMP or RMF-related training or certifications are a plus

EEO Statement

The Company is an Equal Employment Opportunity (EEO) employer and does not discriminate based on race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, veteran's status, or any other basis protected by applicable discrimination laws.

Vacancy posted 5 days ago
Similar jobs that could be interesting for youBased on the Compliance Analyst (GRC/RMF Focused) in Washington DC vacancy
  • A federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should have a minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You... 
    Suggested

    Medium

    Alexandria, VA
    3 days ago
  •  ...Governance, Risk, & Compliance (GRC) Analyst Washington, DC Remote Full-Time About This Role As a GRC Analyst, you will help organizations navigate the complex landscape of cybersecurity compliance and risk management. You will work directly with clients to assess their... 
    Suggested
    Full time
    Remote work

    Districttechgroup

    Washington DC
    3 days ago
  • $130k - $180k

     ...’ll help build a cutting edge security compliance program aligned with FedRAMP, SOC 2, PCI...  ...secure and performant service. As a GRC Analyst at Virtru, you will be the primary...  ...annual Learning & Development Stipend focused on providing you the resources to continually... 
    Suggested
    Remote job
    Local area
    Flexible hours
    Shift work

    Virtru

    Washington DC
    more than 2 months ago
  • $68.4k - $131.76k

    Responsibilities Understand USDS compliance requirements and data security...  ...with case management tools or GRC platforms such as JIRA or...  ...frameworks: ISO 27001, NIST CSF, NIST RMF, FAIR, COBIT, ISO 31000, etc....  ...a subsidiary of TikTok that focuses on governance and protection... 
    Suggested
    Temporary work

    TikTok

    Washington DC
    2 days ago
  •  ...Apogee Global RMS is seeking a GRC / NIST RMF Specialist to support federal programs requiring disciplined governance, risk, and compliance execution. This role is built for practitioners who understand the full lifecycle of NIST RMF, can translate controls into actionable... 
    Suggested

    Apogee Global RMS

    Beltsville, MD
    1 day ago
  •  ...growth. We treat our people like family, we are mission-focused, and we give back! Join us today. Our Financial Management...  ...has an immediate need for SIPR Governance, Risk, and Compliance (GRC) & Security Analyst within the U.S. Army’s General Fund Enterprise Business... 
    Work at office
    Immediate start

    Systems Planning and Analysis, Inc.

    Arlington, VA
    2 days ago
  • A leading federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA. This role includes managing governance, risk, and compliance activities to ensure compliance with DoD requirements. The ideal candidate will have at least 10 years of relevant experience... 

    PingWind Inc

    Alexandria, VA
    2 days ago
  •  ...Analysis, Inc. is looking for a SIPR Governance, Risk, and Compliance (GRC) & Security Analyst in Arlington, Virginia. This role involves managing GRC...  ...onsite work and contributes significantly to mission-focused objectives. #J-18808-Ljbffr Systems Planning and Analysis... 

    Systems Planning and Analysis, Inc.

    Arlington, VA
    2 days ago
  • $189k - $225k

     ...The GRC Analyst, Federal & Customer Programs is responsible for the hands‑on analysis, documentation, and operational execution of the company's security governance, risk, and compliance obligations. This role sits at the intersection of customer contracts, regulatory... 
    Ongoing contract
    Contract work
    For subcontractor
    Work at office
    3 days per week

    Spire

    Washington DC
    1 day ago
  •  ...A cybersecurity compliance consulting firm is looking for a GRC Analyst to help organizations manage cybersecurity compliance and risk. This fully remote position involves conducting assessments, developing security policies, supporting compliance audits, and collaborating... 
    Remote work

    Districttechgroup

    Washington DC
    3 days ago
  • $86k - $101k

     ...Payment Network Compliance Analyst (Visa/Mastercard/Discover) Citizens is seeking a Payment Network Compliance Analyst...  ...relationships. This is a hands-on, execution-focused role —not a traditional vendor risk/GRC position. The work is case-driven, detail-heavy, and... 
    Work at office
    Local area
    Remote work
    Monday to Friday
    Flexible hours

    Citizens Financial Group, Inc.

    Laurel, MD
    3 days ago
  •  ...professional responsible for implementing technical controls and configuration settings. You will work alongside engineers and RMF analysts to support information system security. The ideal candidate should have significant experience in cybersecurity, cybersecurity policy... 

    Unofficial M.C. Dean

    Washington DC
    4 days ago
  • $78.9k - $123.3k

     ...seeking a detail-oriented cybersecurity compliance professional to support system authorization...  ...will have experience working with NIST RMF, NIST SP 800-53 controls, security authorization...  ..., and governance, risk, and compliance (GRC) platforms. Knowledge of cloud security... 
    Permanent employment
    Full time
    Part time
    Work at office
    Local area
    Remote work

    Noblis

    Washington DC
    3 days ago
  • $136k - $197k

    Senior Compliance Analyst, Public Sector About the job The Google Compliance team ensures that our...  ...(GPS) Governance, Risk and Compliance (GRC) team, you will act as a strategic lead,...  ...solutions purpose‑built for enterprises. We focus on helping United States public sector... 
    Temporary work
    Local area
    Flexible hours

    Google

    Washington DC
    2 days ago
  • BCG Attorney Search is seeking a mid-level healthcare associate for a law firm in Washington, DC. This role will focus on pharmacy, pharmaceutical supply chain, PBM, and reimbursement matters while addressing complex regulatory and commercial issues. The candidate should... 

    BCG Attorney Search

    Washington DC
    4 days ago
  •  ...approach, our employees benefit from programs focused on their professional development and...  ....com. Why We Need you! As part of the Compliance and Audit team, you will lead the execution...  ...Security Plan) Experience with NIST RMF Experience with POAM (Plan Off Action Milestones... 
    Work at office

    Ivanti

    Laurel, MD
    2 days ago
  • $100.2k - $203.4k

    SAP GRC (Governance, Risk, and Compliance) Consultant Washington, DC At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose... 
    Local area

    Accenture-Federal-Services-2

    Washington DC
    2 days ago
  • Ruleset Security is offering an exciting internship opportunity for a Governance, Risk, and Compliance (GRC) Analyst. This role is perfect for students or recent graduates looking to gain hands‑on experience in cybersecurity, compliance, and risk management. The internship... 
    Remote job
    Full time
    Internship

    Ruleset Security

    Arlington, VA
    1 day ago
  • Ruleset Security is offering an exciting internship opportunity for a Governance, Risk, and Compliance (GRC) Analyst. This role is perfect for students or recent graduates looking to gain hands-on experience in cybersecurity, compliance, and risk management. The internship... 
    Full time
    Internship

    Ruleset Security

    Arlington, VA
    1 day ago
  • $189k - $225k

    Spire is seeking a GRC Analyst in Washington, DC to manage cybersecurity governance, risk, and compliance requirements. This role involves thorough contract analysis, policy support, and cross-functional collaboration. Candidates should have at least five years of experience... 
    Contract work

    Spire

    Washington DC
    2 days ago
  • GoTo Meeting is seeking a GRC Analyst, Federal & Customer Programs, to manage security governance, risk, and compliance obligations. Responsibilities include analyzing contracts, mapping obligations to compliance frameworks, and producing compliance matrices. The ideal... 

    GoTo Meeting

    Washington DC
    2 days ago
  • Aaratech Inc. is seeking a Cyber Security GRC Analyst to support Governance, Risk, and Compliance (GRC) initiatives. You will help manage security frameworks, support audit readiness, conduct risk assessments, and ensure compliance with industry standards to strengthen... 

    Aaratech

    Washington DC
    4 days ago
  • $54.4k - $120.75k

     ...Compliance Analyst Commvault is seeking a Compliance Analyst to join our Governance, Risk, and Compliance (GRC) team and play a key role in operating and scaling our global compliance program. Reporting to the Compliance Manager, this is an individual contributor role... 

    Commvault

    Washington DC
    2 days ago
  • OpenAI is seeking a GRC Program Manager in Washington, DC, to drive ATO processes for FedRAMP and other government clients. This role involves collaborating with engineering teams, creating compliance documentation, and acting as a subject matter expert during audits.... 
    Relocation package

    OpenAI

    Washington DC
    3 days ago
  • A consulting firm seeks a Security & Compliance Analyst to support various client environments, concentrating on security operations, compliance preparedness, and risk management. This hands-on position involves collaboration with IT leadership to ensure effective maintenance... 
    Remote work

    Envision Consulting LLC

    Alexandria, VA
    2 days ago
  • $110k - $130k

     ...confidence. Role And Responsibilities Interpret cybersecurity compliance requirements and map them to operational, technical, and policy...  ...or audit support. CAP, CISSP, CISM, Security+. Experience with GRC tools and federal compliance programs. Ability to brief leadership... 
    For contractors

    Argo Cyber Systems

    Arlington, VA
    2 days ago
  •  ...senior-level experience, a strong knowledge of NIST RMF, and demonstrated leadership in managing large,...  ...senior Government representatives and ensure compliance with security protocols. A competitive benefits package and focus on employee culture are included. #J-18808-... 

    Agile Defense

    Washington DC
    21 hours ago
  • $125k - $290k

     ...employees and encourage them to pursue their ambitions. Weaver focuses on helping people lead balanced, integrated lives, supported...  ...Commercial Tax Manager or Senior Manager provides federal tax compliance and planning services to large middle market and public companies... 
    Flexible hours

    Weaver

    Bethesda, MD
    3 days ago
  •  ...of Columbia Public Schools is seeking an Analyst for the Nonpublic Unit who will manage...  ...families and school staff while ensuring compliance with regulations. Qualifications include...  ...every student with disabilities through focused initiatives. #J-18808-Ljbffr District of... 

    District of Columbia Public Schools

    Washington DC
    21 hours ago
  • At Nubank, Compliance is a strategic partner—not a tollgate. We view effective Risk Management...  ...using a targeted friction approach: we focus on the most relevant regulatory risks...  ...We are seeking an experienced Compliance Analyst with 5-8 years of dedicated compliance,... 
    Fixed term contract
    Work experience placement
    Local area

    Nubank

    Washington DC
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Compliance Analyst (GRC/RMF Focused). Be the first to apply!