Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

GRC Analyst

$189k - $225k

Spire

The GRC Analyst, Federal & Customer Programs is responsible for the hands‑on analysis, documentation, and operational execution of the company's security governance, risk, and compliance obligations. This role sits at the intersection of customer contracts, regulatory frameworks, and the company's security control environment — translating external requirements into clear, traceable internal commitments and evaluating how well current capabilities satisfy them. The GRC Analyst reviews incoming contractual security language, maps obligations to applicable frameworks and existing controls, produces compliance matrices and gap analyses, owns the operational risk assessment process, contributes to governance and policy lifecycle activities, and supports audit, assessment, and customer inquiry activities. A meaningful portion of this role is dedicated to ongoing contract and requirements analysis as new programs are awarded and existing programs evolve. The GRC Analyst serves as the security function's primary reviewer of incoming contractual cybersecurity language and works directly with legal and sourcing on flow‑down negotiation and redlines. Candidates who enjoy careful reading of contractual and regulatory text — and who want this to be a substantial part of their day‑to‑day work — will find this role a strong fit. This is a detail‑oriented, writing‑intensive role requiring strong analytical judgment, fluency across multiple compliance frameworks, and the ability to work effectively with legal, sourcing, program management, engineering, and security operations stakeholders. Key Responsibilities Contract & Requirements Analysis Review customer contracts, statements of work, security annexes, CDRLs, data protection addenda, and flow‑down clauses to identify cybersecurity, privacy, and information handling obligations applicable to the company. Extract and catalog specific security requirements from contractual language, and translate them into structured, testable statements suitable for traceability and control mapping. Compare identified requirements against the company's current product scope, control environment, and certification posture to determine where compliance is already met, partially met, or requires new implementation work. Produce gap analyses, compliance matrices, and Requirements Traceability Matrix (RTM) artifacts that clearly communicate the state of compliance for a given contract, program, or system. Serve as the security function's primary point of contact for legal and sourcing during contract review, redline cycles, and flow‑down negotiation, including review of subcontractor and supplier flow‑down language. Framework Mapping & Interpretation Maintain working proficiency across the frameworks relevant to the company's regulatory and contractual posture, including NIST SP 800‑171, NIST SP 800‑53, NIST CSF, CMMC, ISO 27001, FedRAMP, and applicable European frameworks such as NIS2 and GDPR. Map controls across frameworks to minimize duplicated work and enable consistent responses to overlapping requirements; contribute to a shared control inventory used by compliance, security, and program teams. Interpret framework language and authoritative guidance (NIST publications, DoD guidance, regulator FAQs) in the context of specific company systems and business scenarios and escape ambiguity for formal risk decisions when appropriate. Governance, Policy & ISMS Support Contribute to the maintenance of the company's Information Security Management System (ISMS) documentation set, including keeping control descriptions, evidence references, and scope statements accurate and current. Support the policy and standard lifecycle, including periodic review cycles, version control, exception governance, and clarification of control owner accountability. Produce compliance posture reporting and audit readiness metrics for governance forums and leadership review, including framework coverage, finding aging, and remediation progress. Draft and revise compliance deliverables including System Security Plans (SSP), Plans of Action & Milestones (POA&M), policy and standard content, control narratives, customer security questionnaire responses, and audit artifacts. Author clear, concise written responses to customer, auditor, and regulator inquiries, calibrated to the technical level of the audience and consistent with approved company positioning. Own the operational risk assessment process and the supporting risk register, including conducting periodic and event‑driven risk assessments, documenting current state, identifying deficiencies, and developing risk treatment recommendations. Route risk acceptance and exception decisions to the appropriate decision authority with the underlying analysis and documentation prepared for review; track decisions and ensure follow‑through on conditions or expirations. Track open compliance findings and remediation activities, prepare status updates, and flag aging or high‑severity items for escalation. Third‑Party & Supply Chain Risk Contribute to vendor and supplier security review activities, including evaluating vendor security questionnaires, reviewing supplier control attestations, and assessing residual risk for inclusion in procurement and program decisions. Support assessment of subcontractor and supplier flow‑down compliance, including coordinating with sourcing and program management on supplier security obligations and remediation. Audit & Assessment Support Support internal and external audit, assessment, and certification activities, including C3PAO engagements, ISO 27001 surveillance audits, customer assessments, and regulator inquiries. Coordinate evidence collection with system owners and control operators; validate that evidence is accurate, complete, and appropriately scoped before submission. Participate in assessor and auditor interviews as a subject matter contributor on specific controls and artifacts. Cross‑Functional Collaboration Partner with legal and sourcing on contract review, redlines, and flow‑down language; with security program management on milestones, schedules, and audit coordination; and with security engineering and IT on evidence, control implementation detail, and remediation planning. Serve as a knowledgeable point of contact for internal teams seeking to understand what a given regulatory or contractual requirement means in practice. What Success Looks Like in Year One Established a repeatable contract review intake process with legal and sourcing, including a maintained library of standard cybersecurity flow‑down clauses and review turnaround expectations. Produced an end‑to‑end Requirements Traceability Matrix for at least one active federal program, traceable from contract clauses through framework controls to evidence sources. Stood up the operational risk register and routine risk reporting cadence, with at least one full assessment cycle completed and risk treatment decisions documented. Maintained the ISMS documentation set in audit‑ready condition through at least one external assessment or surveillance cycle. Required Qualifications Five or more years of progressive experience in cybersecurity governance, risk, and compliance; IT audit; or a closely related discipline, with substantial hands‑on exposure to framework interpretation and contract requirement analysis. Demonstrated working knowledge of NIST SP 800‑171 and NIST SP 800‑53, including control families, assessment procedures, and common implementation patterns. Experience contributing to SSP and POA&M artifacts, compliance matrices, or Requirements Traceability Matrices in a regulated environment. Practical experience supporting at least one formal audit, certification, or assessment cycle (for example CMMC, ISO 27001, SOC 2, FedRAMP, or comparable). Strong technical writing skills, including the ability to produce accurate, concise, and audience‑appropriate compliance documentation. Writing samples may be requested as part of the interview process. Demonstrated comfort and interest in reading contractual and regulatory language carefully and translating it into specific, actionable internal requirements. This is a core part of the role, not an occasional task. Comfort working across multiple stakeholder groups — legal, sourcing, engineering, IT, security operations, and program management — and adjusting communication style accordingly. Bachelor's degree in Information Security, Information Systems, Business, a related field, or equivalent practical experience. Preferred Qualifications Direct experience with CMMC 2.0 assessment preparation, including familiarity with DFARS View phone number on click.appcast.io and 48 CFR Part 204. Familiarity with ISO 27001, FedRAMP, SOC 2, NIS2, GDPR data security obligations, or EU dual‑use export control regimes. Experience handling Controlled Unclassified Information (CUI) in accordance with NARA and DoD requirements. Exposure to aerospace, defense, space, or other regulated technology environments. Experience reviewing or negotiating cybersecurity flow‑down language in customer or supplier contracts. Working familiarity with Governance, Risk, and Compliance (GRC) tooling such as ServiceNow GRC, Archer, Hyperproof, Drata, Vanta, or equivalent. Industry certifications such as CISA, CRISC, CISSP, CGRC (formerly CAP), ISO 27001 Lead Implementer / Lead Auditor, CMMC Registered Practitioner (RP), or CMMC Certified Professional / Certified Assessor (CCA / CCP). Active US security clearance, or eligibility to obtain one. Spire operates a hybrid work model, and this position will require you to work a minimum of three days per week in the office. Access to US export‑controlled software and/or technology may be required for this role. If needed, Spire will arrange the necessary licenses—this is not something candidates need to have before applying. The anticipated base salary range for this position is listed below. Final base salary for this role will be based on the location, skills, experience and qualifications. In addition to base compensation, this role may be eligible for annual equity awards and our employee benefits program, including vacation, sick, and personal time off; optional medical, dental, vision, life, and disability coverage; a 401(K) plan; health and wellness reimbursement program; and participation in Spire’s Employee Stock Purchase Plan. Salary Range: $189,000 USD – $225,000 USD About Spire We improve life on Earth with data from space. Spire Global is a space‑to‑cloud analytics company that owns and operates the largest multi‑purpose constellation of satellites. Its proprietary data and algorithms provide the most advanced maritime, aviation, and weather tracking in the world. In addition to its constellation, Spire’s data infrastructure includes a global ground station network and 24/7 operations that provide real‑time global coverage of every point on Earth. Spire is Global and our success draws upon the diverse viewpoints, skills and experiences of our employees. We are proud to be an equal opportunity employer and are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or veteran status. To help maintain a safe and secure workplace for Spire employees, all candidates who receive a conditional offer will be required to complete a background check. This may include criminal history and employment verification. Please take a moment to review Spire’s Global Data Privacy Notice for Employees, Contractors, Candidates and Visitors, as well as Spire’s Privacy Policy. Kindly be advised that communication regarding your application may come from @spire.com, @recruiting.spire.com, or from Candidate.fyi (our scheduling tool). #J-18808-Ljbffr

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the GRC Analyst in Texas City, TX vacancy
  • INEOS ACETYLS CHEMICALS TEXAS CITY, INC. seeks a Field Safety Specialist responsible for implementing safety policies and programs. The role requires spending up to 80% of time in the field and involves managing safety audits, inspections, and emergency response procedures...
    Suggested

    INEOS ACETYLS CHEMICALS TEXAS CITY, INC.

    Texas City, TX
    4 days ago
  •  ...Overview The opportunity We are seeking a Senior Workday HRIS Analyst with 6+ years of hands-on experience configuring the Workday Compensation and Payroll modules to join our People Technology team. In this role, you will serve as a senior subject matter expert and key... 
    Suggested
    Work at office
    Relocation package

    Unity

    Texas City, TX
    1 day ago
  • $45.52k - $77.18k

    Development of policies, definitions, standards, and processes for costing data. Responsible for managing compliance to policies, definitions, and standards. Drive data change to correspond to master data strategies. Develop and analyze data quality reports and track areas...
    Suggested
    Full time

    Remote Career

    Texas City, TX
    1 day ago
  •  ...Overview Role: Business Analyst Responsibilities Support the collection and consolidation of Objective and Key Results (OKRs), Key Performance Indicators (KPIs), and additional performance metrics in support of Monthly Business Reviews and Quarterly Business Reviews across... 
    Suggested

    Winaxis LLC

    Texas City, TX
    3 days ago
  •  ...AnalystApplylocations: US-TX-TEXAS CITYtime type: Full timeposted on: Posted Yesterdayjob requisition id: 2026 - 0306ISP Technologies Inc.**PLANNING ANALYST I**Ashland has an exciting opportunity for a Production Planner to join our Ashland, Inc. business at our Texas City, Texas... 
    Suggested

    Ashland

    Texas City, TX
    4 days ago
  • The University of Texas Medical Branch is seeking a qualified HR professional to manage leave policies, including Family Medical Leave and Military Leave. This role also involves training managers statewide and ensuring compliance with regulations. The position offers partial...
    Remote job
    Monday to Friday

    The University of Texas Medical Branch

    Galveston, TX
    2 days ago
  • UTMB Health in Galveston, TX is seeking a Senior Compliance Analyst to audit complex systems, assess controls, and report on compliance with federal and state laws. This remote role within Texas emphasizes strong data analysis and regulatory insight. The ideal candidate... 
    Remote job

    UTMB Health

    Galveston, TX
    3 days ago
  •  ...quality assurance findings Coordinate research projects and quality improvement activities Supervise the EMS Quality Assurance Analyst and assist with hiring, training, coaching, and performance management Approve timesheets, leave requests, and personnel forms... 
    Full time
    Work at office
    Local area
    Weekend work
    Afternoon shift

    Galveston County Health District

    Texas City, TX
    16 days ago
  • Coastal Community FCU in Galveston, Texas is seeking a Branch Manager responsible for directing and managing operational efforts. You will lead a diverse team and promote engagement while ensuring compliance with policies and regulations. The ideal candidate must have over...

    Coastal Community FCU

    Galveston, TX
    2 days ago
  • Vice President & Chief Compliance Officer The Vice President and Chief Compliance Officer (VP & CCO) serves as UTMB’s senior executive responsible for enterprise-wide compliance, privacy, conflicts of interest, governance, and regulatory risk management. Reporting with ...
    For contractors
    Local area

    UTMB Health

    Galveston, TX
    2 days ago
  • A prominent academic medical center in Galveston is seeking a Vice President and Chief Compliance Officer. This senior executive will be responsible for enterprise-wide compliance, privacy, and governance programs. Essential duties include leading the compliance team, ensuring...

    The University of Texas Medical Branch

    Galveston, TX
    2 days ago
  •  ...Investigative Analyst Help As an Investigative Analyst at the GS-1805-9 level, some of your typical work assignments may include: Gathering, researching, and analyzing various types of data from federal, state, local and public agencies. Providing administrative... 
    Local area

    Department of Justice

    Galveston, TX
    12 hours ago
  • UTMB Health in Galveston, Texas is seeking a Grants Analyst to provide expertise for pre and post-award grant activities. The position involves managing large research projects, budgeting, and compliance with regulations. The ideal candidate will have a Bachelor's degree... 

    UTMB Health

    Galveston, TX
    2 days ago
  • The University of Texas Medical Branch is hiring for a compensation role, offering expertise in the development and implementation of compensation programs. Candidates must have a Bachelor's degree in Human Resources or a related field and at least five years of experience...

    The University of Texas Medical Branch

    Galveston, TX
    3 days ago
  • TEXAS INTERNATIONAL TERMINALS is looking for an experienced HSS Manager in Galveston, Texas, to oversee safety and compliance initiatives. The ideal candidate will develop safety programs, manage incident investigations, and ensure adherence to regulatory requirements. ...

    TEXAS INTERNATIONAL TERMINALS

    Galveston, TX
    2 days ago
  •  ...new technology solutions to develop EMR to meet customer’s needs. Ability to manage multiple activities and projects. The senior analyst will be expected to serve as a liaison between technical and business communities and must be able to communicate complex situations... 
    For contractors
    Local area
    Remote work
    Monday to Friday
    Shift work
    Day shift

    The University of Texas Medical Branch

    Galveston, TX
    3 days ago
  • The University of Texas Medical Branch is seeking a professional skilled in grant administration to support faculty in managing complex research projects in Galveston, Texas. This role requires providing expertise in pre and post award grant management, budget development...

    The University of Texas Medical Branch

    Galveston, TX
    2 days ago
  • UTMB Health seeks a Radiant EHR Clinical Solutions Analyst to design, implement, and optimize Epic Radiant clinical applications. You will partner with clinicians and IT to deliver scalable solutions that support patient care, regulatory compliance, and operational efficiency... 
    Remote job

    UTMB Health

    Galveston, TX
    3 days ago
  • A leader in marine manufacturing is seeking an experienced HR Manager to oversee key human resources functions and support a growing workforce. This role involves managing HR operations, employee relations, compliance, and strategic initiatives. Ideal candidates should ...

    Gulf Copper and Manufacturing

    Galveston, TX
    2 days ago
  • San Luis Resort, Spa and Conference Center is seeking a Revenue Analyst in Galveston, Texas. The role involves monitoring revenue thresholds and allocating room inventory effectively to maximize profits. Ideal candidates will possess strong communication skills and proficiency... 

    San Luis Resort, Spa and Conference Center

    Galveston, TX
    2 days ago
  • The University of Texas Medical Branch seeks a Labor Productivity Analyst in Galveston to support efficient labor resource use across departments. This hybrid role includes analyzing workforce performance and developing solutions to enhance staffing and operational decisions... 

    The University of Texas Medical Branch

    Galveston, TX
    1 day ago
  •  ...problems utilizing more efficient operational procedures, workflows, and technology solutions. Job Duties This employee will be an analyst on the Epic Inpatient team, primarily supporting Clin Doc, Procedures, ASAP, and HIM applications. While this position is a remote... 
    For contractors
    Casual work
    Local area
    Immediate start
    Remote work
    Monday to Friday

    The University of Texas Medical Branch

    Galveston, TX
    2 days ago
  • Senior Compensation Analyst - HR Compensation Galveston, Texas, United States New Business, Managerial & Finance UTMB Health Requisition # 2603285 Minimum Qualifications: Bachelor’s degree in Human Resources, Business, or related field. Minimum of 5 years of experience... 
    For contractors
    Work at office
    Local area
    Remote work

    UTMB Health

    Galveston, TX
    4 days ago
  • UTMB Health is seeking a Senior Compensation Analyst based in Galveston, Texas. This role involves providing compensation expertise in the development of programs and policies related to compensation analysis. The ideal candidate will possess a bachelor’s degree in a relevant... 
    Remote work

    UTMB Health

    Galveston, TX
    4 days ago
  • $60.48k - $75.6k

    Grants Analyst, SHP/SON/SPPH ASG VII (Remote, Texas) Join to apply for the Grants Analyst, SHP/SON/SPPH ASG VII (Remote, Texas) role at The University of Texas Medical Branch Minimum Qualifications: Bachelor's degree or equivalent in related field and four years of experience... 
    Remote job
    For contractors
    Work experience placement
    Work at office
    Local area
    Shift work
    Day shift

    The University of Texas Medical Branch

    Galveston, TX
    2 days ago
  • The University of Texas Medical Branch is seeking an EHR Clinical Application Analyst on the Epic Inpatient team to support Clin Doc, Procedures, ASAP and HIM applications. The role is remote with on-site travel as needed to implement and test new functionality. Responsibilities... 
    Remote job
    Immediate start

    The University of Texas Medical Branch

    Galveston, TX
    2 days ago
  • UTMB Health in Galveston, Texas seeks a Senior EHR Clinical Apps Analyst to design, implement, optimize and support Epic ambulatory and related systems including Care Everywhere and Reporting Workbench. The role requires strong SME capabilities and experience in clinical... 
    Remote job

    UTMB Health

    Galveston, TX
    3 days ago
  •  ...all relevant national coverage decisions. Acts as a resource and assists Principal Investigators, study coordinators, and budget analysts in determining that all costs for clinical studies are included in the study budget and are appropriate and/or accurate. With input... 
    For contractors
    Local area

    The University of Texas Medical Branch

    Galveston, TX
    4 days ago
  • The University of Texas Medical Branch in Galveston, TX is seeking a Radiant EHR Clinical Solutions Analyst to drive design, development, and optimization of Epic Radiant applications. You will collaborate with clinical, operational, and technical teams to deliver scalable... 
    Remote job

    The University of Texas Medical Branch

    Galveston, TX
    2 days ago
  • Grants Analyst, ASG VIII (Hybrid) Galveston, Texas, United States New Business, Managerial & Finance UTMB Health Requisition # 2602741 Minimum Qualifications Bachelor's degree or equivalent in related field and four years of experience. Job Description Provides pre... 
    For contractors
    Work at office
    Local area

    UTMB Health

    Galveston, TX
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to GRC Analyst. Be the first to apply!

Related searches