Cybersecurity GRC Analyst
$125,000–$125,000 year
Remote · United States or Austin, Texas, United States
Job Summary
Cybersecurity GRC Analyst needed to develop, maintain, and execute governance, risk, and compliance activities supporting the university’s Controlled Research Program, including NIST 800-171, DFARS, ITAR, and CMMC requirements. Responsibilities include coordinating security assessments and risk evaluations of research systems, collaborating with researchers and administrative teams to implement compliant practices, creating and maintaining SSPs and POA&Ms, extending GRC tooling and enterprise policies to meet controlled research needs, providing guidance on CUI compliance, tracking compliance gaps, contributing to policy development and reporting, and staying current with federal regulations impacting controlled research. Strong focus on security controls, documentation, and cross-functional communication to support researchers while ensuring regulatory alignment.
Required Qualifications
- U.S. Citizen, resident, or officially recognized asylee - Applicant selected will be subject to government security investigation and must meet eligibility requirements for access to classified information at the level appropriate to the project requirements of the position.
- Minimum of 3 years of experience in cybersecurity, audit, compliance, risk management, or GRC, with at least 1 year involving NIST 800-171, DFARS, CUI, or similar compliance frameworks.
- Familiarity with controlled research environments and compliance programs such as CMMC, ITAR, or FISMA.
- Solid understanding of information security principles, IT governance, and technical controls (access management, system hardening, auditing, data protection, etc.).
- Strong analytical, documentation, and project management skills.
- Excellent interpersonal and communication skills to interface with a diverse campus community including researchers, IT staff, and administrators.
- Demonstrated ability to work independently and collaboratively in a fast-paced, distributed team environment.
- Strong synchronous and asynchronous communication skills
- Self-motivated to learn and share knowledge.
- Relevant education and experience may be substituted as appropriate.
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.