Governance, Risk, and Compliance Analyst

Onebrief

Remote regions

Global

Benefits

Similar Jobs

See all

Core Responsibilities:

  • Own RMF authorizations across Department of War components and FedRAMP High, alongside CMMC 2.0 and SOC 2 compliance for corporate systems.
  • Maintain authorization and audit evidence, including SSPs, SARs, POA&Ms, STIGs, and control mappings.
  • Coordinate internal assessments and external audit readiness across all applicable frameworks.

Minimum Qualifications:

  • U.S. Citizen with a Bachelor's degree in Computer Science, Cybersecurity, or a related field.
  • 8+ years in cybersecurity compliance.
  • Hands-on expertise with RMF and at least one of CMMC 2.0 or SOC 2.
  • One or more of: CISSP, CISM, CISSO, CPTE, CySA+, FITSP-A, GCSA, CISA, ISSEP, GSLC, or GSNA.

Preferred Qualifications:

  • Experience in DoD environments and compliance frameworks (RMF, ICD 503).
  • Familiarity with agency-specific overlays and cloud security standards.
  • Experience working with 3PAOs, Security Control Assessors, federal customers, or SOC 2 auditors.

Tools, Systems & Technologies:

  • eMASS, GRC platforms, NIST RMF documentation (SSPs, SARs, POA&Ms, STIGs).
  • CMMC 2.0 and SOC 2 control frameworks.

Onebrief

Onebrief builds collaboration and AI-powered workflow software for military planning and operational coordination. Founded in 2019, valued at over $2 billion, they are a distributed team of builders from military, operational, and technology backgrounds.

Apply for This Position