Entry-Level GRC Security Analyst (NIST/FISMA/HIPAA)

About Us:At RELI Group, our work is grounded in purpose. We partner with government agencies to solve complex challenges, improve public health, strengthen national security, and make government services more effective and efficient. Our team of over 500 professionals brings deep expertise and a shared commitment to delivering meaningful outcomes. Behind every solution is a group of experts who care deeply about impact—whether we’re supporting data-driven decisions, modernizing systems or safeguarding critical programs.Position OverviewThe Entry-Level Cybersecurity Governance, Risk, and Compliance (GRC) Assessor supports cybersecurity compliance and risk management activities within a federal healthcare environment. This role assists in evaluating security controls, conducting risk assessments, and ensuring compliance with federal regulations such as FISMA, HIPAA, and NIST standards.Key Responsibilities:Security Control Assessment SupportAssist in conducting security control assessments using NIST SP 800-53A methodologiesSupport development of Security Assessment Plans (SAPs) and Rules of Engagement (ROE)Help review System Security Plans (SSPs) and validate implemented controlsDocument findings for Security Assessment Reports (SARs)Risk Assessment & AnalysisSupport risk assessments aligned with NIST SP 800-30Identify vulnerabilities, control deficiencies, and potential impacts to systemsAssist in developing and updating Plans of Action and Milestones (POA&Ms)Participate in briefings on risk posture and remediation recommendationsCompliance & RMF SupportAssist in implementing the Risk Management Framework (RMF) lifecycle (Steps 1–6)Support compliance efforts for:FISMAHIPAA Security RuleHITECHOMB and HHS directivesHelp map regulatory requirements to NIST 800-53 controlsAssessment Preparation & CoordinationHelp coordinate assessment schedules, logistics, and stakeholder communicationsAssist in preparing briefing materials for System Owners (SOs) and ISSOsParticipate in assessment walkthroughs and documentation reviewsContinuous Monitoring SupportAssist in ongoing security control monitoring aligned with NIST SP 800-137Help track assessment metrics, findings, and remediation statusContribute to monthly and periodic compliance reportingDocumentation & ReportingDraft and maintain cybersecurity documentation including:SARs, SAPs, and risk assessment reportsSOPs and compliance tracking artifactsEnsure documentation meets federal and organizational standards for quality and accuracyCollaboration & TrainingWork with senior assessors, ISSOs, and system owners to support compliance activitiesParticipate in training on RMF, control assessments, and federal security requirementsAssist in educating stakeholders on assessment processes and expectationsWork Environment & ExpectationsSupports a large, distributed federal healthcare environment with high-impact systems and sensitive dataMust be able to work in a team-oriented, compliance-driven environmentMay require ability to obtain and maintain a Public Trust (Tier 4) clearanceExpected to adapt to evolving cybersecurity threats and compliance requirementsBachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)Basic understanding of:Cybersecurity principles (CIA triad)Risk management conceptsSecurity controls and compliance frameworksFamiliarity with at least one of the following:NIST 800-53 / RMFFISMA or HIPAA requirementsStrong analytical, documentation, and communication skillsPreferred Qualifications:Internship or academic experience in cybersecurity, compliance, or auditingExposure to tools such as GRC platforms (e.g., Archer) or vulnerability scannersEntry-level certifications (nice to have):Security+cGRC (formerly CAP)CySA+EEO Employer:RELI Group is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.HUBZone:We encourage all candidates who live in a HUBZone to apply. You can check to see if your address is located in a HUBZone by accessing the SBA HUBZone Map.The annual salary range for this position is $45,000.00 to $50,000.00. Actual compensation will depend on a range of factors, including but not limited to the individual’s skills, experience, qualifications, certifications, location, other business and organizational needs, and applicable employment laws. The estimate displayed represents the typical salary range for this position and is just one component of the total compensation package for employees. RELI Group provides a variety of additional benefits to its employees. For additional details on the benefits that RELI Group offers click here #J-18808-Ljbffr