Compliance Analyst (GRC/RMF Focused)
CL 1e6d8f31 073f 48cd b324 b581c00084bf
Job Title: Compliance Analyst (GRC/RMF Focused) Pay Type: SALARIED EXEMPT Location: Hybrid, Washington, DC (DMV Area) Summary of Position Role/Responsibilities The Compliance Analyst (GRC/RMF Focused) supports governance, risk, and compliance (GRC) initiatives by developing, maintaining, and managing security documentation and compliance artifacts aligned with federal standards. This role plays a key part in supporting Risk Management Framework (RMF) activities, continuous monitoring, and authorization efforts across federal and regulated environments. This role requires strong expertise in NIST SP 800-53, FISMA, and related guidance, with the ability to translate technical system configurations into clear, audit‑ready documentation. The ideal candidate is detail‑oriented, organized, and capable of managing multiple compliance workstreams while engaging effectively with both technical and non‑technical stakeholders. Essential Functions of the Job Experience authoring and maintaining security documentation, including System Security Plans (SSPs), control implementation statements, policies, and procedures Strong knowledge of NIST SP 800-53 Moderate and High baselines and FISMA requirements Ability to develop documentation in accordance with Agency‑specific security and compliance requirements Experience supporting FedRAMP and/or CMMC compliance efforts Working understanding of SOC 2 principles and control structures Hands‑on experience with GRC tools Ability to translate technical system configurations into clear, audit‑ready documentation Experience developing and managing POA&Ms and supporting continuous monitoring activities Strong understanding of NIST standards and supporting guidance (e.g., 800-60, 800-37, 800-171, 800-137) Ability to engage directly with customers, lead discussions, and clearly communicate requirements to both technical and non‑technical stakeholders Strong written and verbal communication skills with a focus on clarity and professionalism Proven ability to manage multiple priorities and meet strict deadlines in a fast‑paced environment High attention to detail with strong organizational and documentation management skills Proficiency with standard business tools (e.g., Microsoft Word, Excel, SharePoint, Teams) Technical proficiency with On Prem environments, Cloud environments, and associated security concepts Basic understanding of AI tools and ability to leverage them for documentation development (including effective prompting techniques) Ability to work independently while coordinating effectively across internal teams and stakeholders. Marginal Functions of the Job Other duties as assigned Normal Work Schedule This is a full‑time position. Standard business hours are Monday through Friday 8:30 AM to 5:30 PM. Additional time outside of these hours may be needed to complete the essential functions of the job. Education, Training, and Experience Bachelor’s degree in Cybersecurity, Information Technology, Information Systems, or a related field. 3–6+ years of experience in GRC, RMF, or cybersecurity compliance roles within federal or regulated environments. Strong knowledge of NIST SP 800-53, FISMA, and supporting NIST guidance (e.g., 800-37, 800-60, 800-171, 800-137). Experience supporting FedRAMP, CMMC, and/or SOC 2 compliance efforts. Hands‑on experience with GRC platforms and compliance tracking tools. Technical understanding of on‑premise and cloud environments and associated security concepts. Proven ability to produce audit‑ready documentation and manage compliance artifacts. Strong written and verbal communication skills with the ability to clearly convey complex information. Demonstrated ability to manage multiple projects and deadlines with strong organizational skills. Experience working independently while coordinating across cross‑functional teams. Must be a U.S. Citizen and eligible to support federal contracting environments. Preferred Certifications CISA (Certified Information Systems Auditor) Security+, CISSP, or similar cybersecurity certification FedRAMP or RMF‑related training or certifications are a plus EEO Statement The Company is an Equal Employment Opportunity (EEO) employer and does not discriminate based on race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, veteran's status, or any other basis protected by applicable discrimination laws. #J-18808-Ljbffr CL 1e6d8f31 073f 48cd b324 b581c00084bf
- A federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should have a minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You...Suggested
- ...Governance, Risk, & Compliance (GRC) Analyst Washington, DC Remote Full-Time About This Role As a GRC Analyst, you will help organizations navigate the complex landscape of cybersecurity compliance and risk management. You will work directly with clients to assess their...SuggestedFull timeRemote work
$162k - $310k
...office closures throughout the year for focus and recharge, plus paid sick or safe time... .... About the Team Governance, Risk, and Compliance (GRC) is foundational to Security delivering... ...security frameworks and policies (e.g., NIST, RMF, FedRAMP). Ability to communicate...SuggestedFull timeWork at officeLocal areaRelocation packageFlexible hours$130k - $180k
...’ll help build a cutting edge security compliance program aligned with FedRAMP, SOC 2, PCI... ...secure and performant service. As a GRC Analyst at Virtru, you will be the primary... ...annual Learning & Development Stipend focused on providing you the resources to continually...SuggestedRemote jobLocal areaFlexible hoursShift work- A leading federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA. This role includes managing governance, risk, and compliance activities to ensure compliance with DoD requirements. The ideal candidate will have at least 10 years of relevant experience...Suggested
$99k - $225k
Enterprise Cybersecurity GRC Governance Analyst The Enterprise Cybersecurity (ECS) Governance, Risk, and Compliance (GRC) team is seeking an experienced... ...technical tools. A central focus of this role is identifying... ...Risk Management Framework (RMF), Federal Information...Work at officeLocal areaRemote work$98k - $163k
...: Guidehouse is seeking an IT Audit & Compliance professional to help our client at a large... ...cybersecurity frameworks. This role focuses on audit preparation and coordination. The... ...security and privacy controls), NIST SP 800‑37 (RMF), NIST SP 800‑171 (CUI), FISMA, FISCAM,...Temporary workRemote workFlexible hours- ...A cybersecurity compliance consulting firm is looking for a GRC Analyst to help organizations manage cybersecurity compliance and risk. This fully remote position involves conducting assessments, developing security policies, supporting compliance audits, and collaborating...Remote work
- ...professional responsible for implementing technical controls and configuration settings. You will work alongside engineers and RMF analysts to support information system security. The ideal candidate should have significant experience in cybersecurity, cybersecurity policy...
$78.9k - $123.3k
...seeking a detail-oriented cybersecurity compliance professional to support system authorization... ...will have experience working with NIST RMF, NIST SP 800-53 controls, security authorization... ..., and governance, risk, and compliance (GRC) platforms. Knowledge of cloud security...Permanent employmentFull timePart timeWork at officeLocal areaRemote work- BCG Attorney Search is seeking a mid-level healthcare associate for a law firm in Washington, DC. This role will focus on pharmacy, pharmaceutical supply chain, PBM, and reimbursement matters while addressing complex regulatory and commercial issues. The candidate should...
- Ruleset Security is offering an exciting internship opportunity for a Governance, Risk, and Compliance (GRC) Analyst. This role is perfect for students or recent graduates looking to gain hands‑on experience in cybersecurity, compliance, and risk management. The internship...Remote jobFull timeInternship
- Ruleset Security is offering an exciting internship opportunity for a Governance, Risk, and Compliance (GRC) Analyst. This role is perfect for students or recent graduates looking to gain hands-on experience in cybersecurity, compliance, and risk management. The internship...Full timeInternship
- GoTo Meeting is seeking a GRC Analyst, Federal & Customer Programs, to manage security governance, risk, and compliance obligations. Responsibilities include analyzing contracts, mapping obligations to compliance frameworks, and producing compliance matrices. The ideal...
- ...Compliance Data Analyst ProSidian is a Management And Operations Consulting Services firm that focuses on providing value to clients through tailored solutions based on industry-leading practices. ProSidian provides enterprise services/solutions for Risk Management...Contract workH1bWork at office
- ...LIS Solutions is seeking a Junior Compliance Officer to join their team in Arlington, VA. This role focuses on supporting federal law enforcement by handling sensitive data and conducting audits related to Employment Eligibility Verification Forms (I-9). The ideal candidate...Work at office
$113.1k - $133.7k
...Regulatory Compliance Analyst 4 Reporting to the Director, Corporate Compliance, the Regulatory Compliance Analyst 4 will assist with the... ..., Legal, a regulatory agency, or a related position, focusing on compliance program management and internal misconduct investigations...Flexible hours$86k - $126k
# Compliance AnalystARGO Cyber SystemsContractmidArlington, Virginia, USPosted 7 days ago## Role... ...Systems is hiring a mid-level Compliance Analyst. This is a contract role in Arlington.... ...CISSP, CISM, Security+.* Experience with GRC tools and federal compliance programs.* Ability...Contract workFor contractors$28.5 per hour
...COMPLIANCE ANALYST Summary This position will support the Foundation's conservation award-making activities by focusing on the areas of compliance and risk analysis relating to the Foundation and its subrecipients and for programmatically funded contractors...Hourly payFull timeContract workFor contractorsLocal area- ...The Compliance Analyst serves as the project compliance expert on a wide portfolio of Clark's government-funded construction projects. The... ...Responsibilities We value candidates who are highly motivated, customer-focused and open-minded team players ready to dig into a highly...Full timeFor contractorsWork experience placementFor subcontractorLocal area
$125k - $290k
...employees and encourage them to pursue their ambitions. Weaver focuses on helping people lead balanced, integrated lives, supported... ...Commercial Tax Manager or Senior Manager provides federal tax compliance and planning services to large middle market and public companies...Flexible hours- ...senior-level experience, a strong knowledge of NIST RMF, and demonstrated leadership in managing large,... ...senior Government representatives and ensure compliance with security protocols. A competitive benefits package and focus on employee culture are included. #J-18808-...
- ...is seeking a dedicated Product Manager for the Governance, Risk, and Compliance (GRC) team. The ideal candidate should have over 5 years of product management experience and at least 2 years focused on security and compliance. The role involves gathering requirements from...
- Leidos is seeking an RMF Assessment & Authorization Analyst in Bethesda, Maryland, to support the Navy’s training... ...Framework activities, manage compliance with Navy policies, and support the... ...experience in Cybersecurity with a focus on Information Assurance tools. An...
- ...of Columbia Public Schools is seeking an Analyst for the Nonpublic Unit who will manage... ...families and school staff while ensuring compliance with regulations. Qualifications include... ...every student with disabilities through focused initiatives. #J-18808-Ljbffr District of...
- Federal Management Systems is seeking a detail-oriented Junior Compliance Officer in Washington, D.C. This role focuses on data management and compliance auditing, ensuring the integrity of immigration compliance and employment eligibility systems. Key responsibilities...
$100k - $130k
...total customer satisfaction has remained the cornerstone of our business. Our business model focuses on integrity, loyalty, and trust. Position Overview The Compliance Analyst Level IV provides expertise on special projects, advising senior management and law enforcement...Permanent employmentContract workTemporary workWork at officeFlexible hours- At Nubank, Compliance is a strategic partner—not a tollgate. We view effective Risk Management... ...using a targeted friction approach: we focus on the most relevant regulatory risks... ...We are seeking an experienced Compliance Analyst with 5-8 years of dedicated compliance,...Fixed term contractWork experience placementLocal area
- ...Records Management & Compliance Analyst ProSidian is a Management And Operations Consulting Services firm that focuses on providing value to clients through tailored solutions based on industry-leading practices. ProSidian provides enterprise services/solutions for...Full timeContract workH1bWork at office
- ...government contracting firm based in Washington DC is seeking a qualified Vetting Analyst. In this role, you will assist customers in processing vetting requests from federal agencies, focusing on research, case analysis, and report preparation. Candidates should have a...Contract workWork at office
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Compliance Analyst (GRC/RMF Focused). Be the first to apply!
- senior regulatory affairs specialist Washington DC
- regulatory affairs consultant Washington DC
- regulatory compliance specialist Washington DC
- trade compliance specialist Washington DC
- legal compliance analyst Washington DC
- research compliance officer Washington DC
- regulatory specialist Washington DC
- coding compliance specialist Washington DC
- information security compliance analyst Washington DC
- junior compliance officer Washington DC

