The Governance, Risk, and Compliance (GRC) Analyst supporting federal and customer programs is responsible for evaluating, documenting, and operationalizing cybersecurity and compliance requirements across the organization. This position works across contractual obligations, regulatory standards, and internal security controls—translating external requirements into clear internal actions and assessing how effectively those obligations are being met.
This individual plays a central role in reviewing contractual security language, aligning requirements to applicable frameworks and existing controls, and identifying gaps. The role also supports risk management processes, policy and governance activities, and audit or customer-facing security inquiries.
A significant portion of the work involves analyzing contract terms as new business is awarded and existing programs evolve. This person will act as a key reviewer of cybersecurity-related contract language and partner closely with legal and procurement teams during negotiations and revisions. The role is well suited for someone who enjoys detailed analysis of regulatory and contractual text as a core part of their responsibilities.
This is a highly detail-oriented and writing-heavy role that requires strong analytical thinking, familiarity with multiple compliance standards, and the ability to collaborate across technical and non-technical teams.
Contract & Requirements Analysis
Framework Alignment & Interpretation
Governance & Policy Support
Documentation & Deliverables
Risk Management
Third-Party Risk
Audit & Assessment Support
Cross-Functional Collaboration