Job Description
Note: The job is a remote job and is open to candidates in USA. Donnelly & Moore Corporation is seeking a Security GRC Analyst to strengthen their client's compliance and security posture. This role involves developing and maintaining security policies, leading compliance efforts for frameworks like NIST 800-53, and collaborating with technology teams to manage risk effectively.

Responsibilities
• Lead ongoing compliance efforts for security frameworks including NIST 800-53, CMMC, and SOC 2
• Develop, document, and maintain security and compliance policies, standards, and procedures
• Coordinate and prepare evidence for audits and assessments
• Monitor for regulatory or framework changes and update internal controls accordingly
• Identify and evaluate risks across systems, data, and processes
• Partner with Technology teams to design, implement, and test internal controls
• Conduct periodic internal reviews to validate compliance and control effectiveness
• Track and drive remediation of any identified gaps or findings
• Work cross-functionally with software, infrastructure, and operations teams to embed compliance requirements into daily practices
• Support vendor risk management and review processes for third-party systems and services
• Maintain clear, consistent communication with stakeholders on compliance goals, progress, and issues
• Identify opportunities to improve our governance, risk, and compliance programs
• Support internal security awareness and training initiatives
• Build repeatable processes and documentation that strengthen ARRO's long-term compliance readiness

Skills
• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience)
• 5+ years of experience in information security, compliance, or GRC roles
• Hands-on experience with NIST 800-53 (required)
• Strong understanding of IT and security controls across infrastructure, cloud, and application environments
• Proven ability to develop policies, implement controls, and perform internal compliance testing
• Excellent communication and project management skills, able to coordinate across teams and manage competing priorities
• U.S. citizenship and ability to obtain a government security clearance if required by contracts
• Familiarity with frameworks such as CMMC, SOC 2, or NIST 800-171

Benefits
• Benefits
• Bonus

Company Overview
• Donnelly & Moore is a highly regarded IT consulting and recruiting firm serving the New York tri-state area. It was founded in 1997, and is headquartered in New York, New York, USA, with a workforce of 51-200 employees. Its website is