"Alerted.org

Description

About the Role:

We are seeking a detail-oriented and security-minded GRC Analyst to support the development, implementation, and ongoing maintenance of security governance, risk management, and compliance activities across our secure enclave. This role is critical in helping ensure compliance with frameworks such as NIST 800-171, CMMC, and FedRAMP, while supporting internal audit readiness, policy enforcement, and system lifecycle governance.

Key Responsibilities:

+ Maintain and track security control implementation across systems, with a focus on NIST 800-171 and CUI compliance.

+ Support the development, review, and enforcement of baseline configurations, security standards, and approved software/website approvals in collaboration with IT operations teams.

+ Review system changes submitted through the Change Advisory Board (CAB) and verify alignment with policies and compliance requirements.

+ Collaborate with technical teams to ensure compliant (ie. least privilege, deny-by-default, and allow-by-exception) principles are enforced through tools such as Microsoft Entra ID (Azure AD), Intune, and Tanium.

+ Perform periodic risk reviews of contracts, software requests, and requests for privileged accounts.

+ Support internal audits, readiness assessments, and documentation reviews related to CUI handling and secure enclave operations.

+ Assist in maintaining and enhancing GRC documentation, including policies, procedures, standards, SSPs, POA& Ms, and audit trails.

+ Participate in risk assessments, vendor evaluations, and control effectiveness reviews.

+ Track corrective actions and ensure timely closure of findings from assessments or internal reviews.

Requirements

Requirements:

Must Have:

+ 1–3 years of experience in a GRC, cybersecurity, compliance, or audit-focused role

+ Working knowledge of NIST 800-171, CMMC, FedRAMP, or other regulatory/compliance frameworks

+ Familiarity with tools such as Microsoft Entra ID (Azure AD), Intune, Tanium, Microsoft Sentinel, and SharePoint

+ Strong understanding of change management, access control, and configuration management processes

+ Excellent communication, documentation, and collaboration skills

+ Ability to analyze technical information and translate it into compliance-focused deliverables

Nice to Have:

+ Experience working within a secure enclave or CUI-restricted environment

+ Knowledge of CMMC Level 2+ practices

+ Experience using GRC platforms or lightweight tracking systems like Microsoft Lists

+ CompTIA Security+, CISA, CRISC, CISSP or related certification(s)

+ Experience supporting audits, assessments, or incident response investigations

Technology Doesn't Change the World, People Do.®

Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.

Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app (https://www.roberthalf.com/us/en/mobile-app) and get 1-tap apply, notifications of AI-matched jobs, and much more.

All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.

• 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking “Apply Now,” you’re agreeing to Robert Half’s Terms of Use (https://www.roberthalf.com/us/en/terms) .