Note: The job is a remote job and is open to candidates in USA. LP3 is a company that protects America with innovative cyber security and data science solutions. They are seeking a Senior Governance Risk and Compliance Analyst to conduct GRC planning, manage security devices, and perform daily threat analysis and incident management.
Responsibilities
- Provide strategic and technical security mitigation planning and participate in the design, development, and maintenance of GRC activities aligned with NIST 800-171 and DFAR guidelines
- Document and maintain GRC artifacts including process documentation, risk registers, and control mappings
- Develop, maintain, and track Plans of Actions and Milestones (POA&Ms), including remediation status and supporting evidence including escalation when appropriate
- Participate in stakeholders interviews, working sessions, and documentation reviews to support enterprise GRC assessments
- Provide technical expertise in the development, maintenance, and enhancement of corporate security operating procedures, standards and best practices
- Assist with preparation for internal and external audits, assessments, and regulatory reviews, including evidence collection and response coordination
Skills
- Bachelor's Degree in Cybersecurity, Engineering, Information Technology, or related field
- Minimum two (2) years of experience in cybersecurity, with exposure to OT/ICS environments. OR (6) years of experience may be considered in lieu of a bachelor's degree
- Experience supporting IT audits, risk assessments, or compliance assessments
- Working knowledge of CMMC security controls, NIST 800-171 requirements, and compliance processes
- Hands-on experience developing and maintaining POA&Ms
- Ability to follow defined processes while managing multiple compliance-related tasks
- Ability to travel up to 10%
- Active Secret clearance or the ability to obtain and maintain this clearance
- US Citizenship and residency
- Experience performing NIST-based security or technology risk assessments
- Industry certifications such as CISSP, CISA, CRISC, Security+, or similar credentials
- Strong written and verbal communication skills, particularly for documentation and audit response
- Detail-oriented with strong analytical and organizational skills
- Excellent verbal and written communication skills
Benefits
- Medical (including family)
- Dental
- Vision
- 401k match with 100% vesting from day 1
- Technical training
- Flexible work schedule
- PTO
- Plus all Federal holidays
Company Overview