Analyst, GRC – Public Sector

Compliance & Certification Management:

• Day-to-day coordination of external assessments and responding to auditor evidence requests.
• Maintain and update FedRAMP/GovRAMP controls and documentation, including System Security Plans.
• Replace manual evidence collection with system-generated or API-driven evidence.

Continuous Monitoring & Vulnerability Management:

• Design an automation-first continuous monitoring program using system integrations and telemetry.
• Lead the FedRAMP vulnerability management lifecycle, coordinating with Security and Engineering teams to resolve issues within required timelines.
• Coordinate recurring compliance activities such as access reviews and incident response exercises.

Public Sector Sales & Customer Engagement:

• Serve as a security subject matter expert, translating compliance controls into compelling customer narratives.
• Support the development of external communications related to security certifications and authorizations.
• Build and maintain scalable response frameworks for RFP and RFx processes to ensure consistency and accuracy.