<Back to Search
Senior GRC Analyst
Saint Paul, MNMarch 29th, 2026
Job Title: Senior GRC Analyst – DoD / CMMC / FISMAEngagement Type: Contract-to-Hire (6+ months) | Full-Time | Remote (U.S.-based)Hourly Range of $65/hour 1099 or C2CMUST BE US CITIZENRole SummaryOur Client is seeking a Senior GRC Analyst with deep, hands-on experience supporting DoD and federal compliance programs, specifically CMMC 2.0 Level 2 and FISMA within environments handling Controlled Unclassified Information (CUI).This role is responsible for executing and sustaining NIST SP 800-171 and NIST SP 800-53 control implementation, maintaining audit and certification readiness, and supporting authorization and assessment activities. The position requires close collaboration with Engineering, DevOps, Cloud, and Security teams to ensure controls are implemented, validated, and supported by audit-ready evidence.Core Skill Categories & ResponsibilitiesGovernance, Risk & Compliance (GRC)Execute and maintain CMMC 2.0 Level 2 compliance programsSupport FISMA compliance aligned to NIST SP 800-53 (Moderate baseline)Maintain System Security Plans (SSPs), POA&Ms, and control traceabilityDrive continuous monitoring (ConMon) and audit readiness initiativesSupport DoD and federal audit preparation, assessments, and certification readinessSecurity Frameworks & StandardsImplement and validate controls aligned to:NIST SP 800-171NIST SP 800-53CMMC 2.0FISMAMap controls to compliance requirements and maintain alignment across systems handling CUITechnical Security Controls (Validation & Implementation)Validate implementation of security controls across:Identity & Access Management (IAM)Logging, Monitoring, and AuditabilityEncryption (at rest and in transit)Vulnerability ManagementConfiguration ManagementIncident Response & Contingency PlanningReview and assess technical artifacts (architecture diagrams, configurations, logs)Ensure controls are properly implemented in AWS cloud environmentsCloud & DevOps CollaborationPartner with Engineering, CloudOps, and DevOps teams to implement and remediate controlsSupport cloud-native architectures and CI/CD pipeline security considerationsTranslate compliance requirements into technical solutions and configurationsRisk Management & AssessmentConduct risk assessments for systems, services, and architectural changesManage risk registers, findings, and remediation trackingPerform third-party and supply chain risk assessments aligned with DoD requirementsAudit, Authorization & Evidence ManagementProduce and maintain audit-ready documentation and evidenceSupport Authority to Operate (ATO) and federal authorization processesValidate and present evidence artifacts during audits and assessmentsCollaborate with stakeholders to remediate findings prior to government reviewRequired QualificationsExperience6+ years in GRC, cybersecurity compliance, or federal security programsHands-on experience with:CMMC 2.0 Level 2DoD environments handling CUIProven experience working directly with engineering and DevOps teamsTechnical & Compliance KnowledgeStrong knowledge of:NIST SP 800-171NIST SP 800-53FISMACMMC 2.0Experience validating technical security controls in AWSAbility to translate compliance requirements into implemented controls and evidenceTools & TechnologiesCloud platforms: AWSGRC artifacts: SSPs, POA&Ms, Risk RegistersSecurity domains: IAM, logging, encryption, vulnerability managementPreferred QualificationsCertificationsCMMC Registered Practitioner (RP)CISSP, CISM, or CISACloud Security Certifications (e.g., AWS Security, CCSP)Additional ExperienceExperience supporting CMMC assessments or readiness programsExperience with federal ATO / authorization processesFamiliarity with CI/CD pipelines and cloud-native architecturesBackground in defense, government contracting, or regulated environments
Showing 600 of 19,261 matching similar jobs in Shell Valley, ND
- BC/DR & IT Security Specialist II — Hybrid Remote
- Remote SOAR Consultant & Automation EngineerRemoteMarch 29th, 2026
- Remote Cyber Defense & Threat Operations Consultant
- Remote Quality Engineer - Security & AutomationRemoteMarch 29th, 2026
- Remote Vulnerability Management Engineer - AutomationRemoteMarch 29th, 2026
- Remote Illumio Network Security Engineer-Cloud SegmentationRemoteMarch 29th, 2026
- Senior InfoSec Engineer (Remote) — Cloud & API SecurityRemoteMarch 29th, 2026
- Remote IT Security Engineer: Identity & SSO AutomationRemoteMarch 29th, 2026
- Remote Cloud & Network Security Engineer
- Remote Network Security Architect - Zero Trust & Prisma SASE
- Remote SOC Analyst: IT Security Ops (Mid)RemoteMarch 29th, 2026
- CyberSecurity Advisor - Security Operations | Remote MO, KS, OK, or TXRemoteMarch 29th, 2026
- Senior Network Security Engineer — Palo Alto Expert (Remote)RemoteMarch 29th, 2026
- Remote Security Operations Lead: Cloud & SOCRemoteMarch 30th, 2026
- Remote Customer Success Architect Cybersecurity & Cloud
- Remote Vulnerability Risk EngineerRemoteMarch 30th, 2026
- Cloud Engineer- Full Time Role
- Security Systems Sales Consultant
- Network Security Engineer
- Senior Security Analyst - CTH - W2 Only, No Third Party
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director
- Senior Information Security Director