Granicus is hiring a
Senior Security Analyst in Worldwide

Summary

The job is for a Senior GRC Compliance Manager at Granicus, a company that provides technology solutions to governments. The role involves leading the FedRAMP program, ensuring data privacy, and supporting other GRC-related efforts. The position requires a strong technical, security, and compliance background, proven problem-solving abilities, and excellent communication skills.

Requirements

• Proven problem solving and analytical abilities
• Ability to communicate in a clear, concise, and comprehensive manner
• Collaborative mindset
• Strong, cross-discipline technical, security, and compliance background
• 3+ years of experience meaningfully supporting and leading elements of a FedRAMP program
• Deep familiarity with cyber security control frameworks, particularly NIST CSF and NIST 800-53
• 10+ years of Cyber Security experience
• 5+ of these years being in the Governance, Risk, and Compliance space
• Bachelors and/or master’s degree in Computer Science, Cyber Security, Information Technology, Risk Management, or related field

Responsibilities

• Lead, either individually or in partnership with GRC leadership, annual compliance audit components, including interaction with 3PAO
• Take ownership and curate, as necessary, System Security Plan and any other documentation and policies
• Stay apprised of any potential or upcoming changes to FedRAMP elements (e.g., NIST rev5) and ensure any work needed to comply is included in roadmap planning
• Lead elements of Continuous Monitoring (ConMon) process, including governance of POA&Ms, preparation of communication and evidence for the JAB, and all follow-up JAB interaction
• Act as point of contact with Joint Authorization Board as necessary, including any informal or ad-hoc engagement (e.g., discuss potential technology changes)
• Work with technical teams to structure Significant Change Requests
• Assisting with other certifications that Granicus maintains (e.g., ISO 27001)
• Policy rationalization and optimization to accommodate global operating model and varied compliance and regulatory obligations
• Supporting Enterprise Risk Management Program
• Helping to integrate newly acquired companies into Granicus processes

Benefits

• Flexible Time Off
• Medical (includes an option that is paid 100% by Granicus!), Dental & Vision Insurance
• 401(k) plan with matching contribution
• Paid Parental Leave
• Employer-paid Short and Long Term Disability Insurance, Group Term Life Insurance and AD&D Insurance
• Group legal coverage