Offshore Sr. GRC Analyst / Sr. ISSO (Information System Security Officer) Consultant

IBSS Corp.
Silver Spring, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 30K

Job location

Silver Spring, United States of America

Tech stack

Computer Security
Information Systems
Document Management Systems
Information Security Management
SC Clearance
Information Technology

Job description

The Senior GRC Analyst / Senior ISSO will support cybersecurity governance, risk management, and compliance (GRC) initiatives across commercial and federal client environments. This role requires hands-on experience supporting cybersecurity compliance activities. Supporting NIST SP 800-171 compliance assessments to evaluate organizational security controls and identify gaps requiring remediation., Governance & Policy Support

  • Develop, maintain, and update cybersecurity policies, standards, procedures, and supporting documentation.
  • Support policy-to-control mapping and traceability activities across multiple frameworks.
  • Coordinate annual policy reviews and assist with compliance reporting activities.
  • Research cybersecurity laws, regulations, standards, and guidelines relevant to client environments.

Risk Management

  • Conduct system-level and scoped enterprise risk assessments aligned with NIST SP 800-30 methodologies.
  • Identify threats, vulnerabilities, likelihood, impact, and overall risk ratings.
  • Develop risk assessment reports and remediation recommendations.
  • Maintain and track risks within centralized risk registers.
  • Support vendor risk management activities, including third-party security questionnaire and SOC report reviews.

Compliance & Audit Readiness

  • Independently develop and maintain System Security Plans (SSPs) for frameworks such as NIST SP 800-53 and NIST SP 800-171.
  • Document control implementation statements and validate supporting evidence.
  • Identify incomplete, inaccurate, or insufficient artifacts and coordinate directly with technical stakeholders to obtain corrected evidence.
  • Support readiness efforts for frameworks such as CMMC, HIPAA, ISO 27001, SOC 2, and FedRAMP.
  • Participate in internal and external audit engagements, evidence collection activities, stakeholder interviews, and remediation tracking efforts.
  • Maintain POA&Ms and compliance remediation trackers.

Methodology & Team Support

  • Contribute improvements to internal GRC methodologies, templates, checklists, and delivery processes.
  • Provide mentorship and informal guidance to junior team members, apprentices, and interns.
  • Escalate complex issues and risks to senior leadership as appropriate.
  • Participate in monthly volunteer efforts supporting environmental and humanitarian initiatives.

Requirements

The ideal candidate must be capable of independently developing and maintaining System Security Plans (SSPs), identifying documentation and evidence deficiencies, and coordinating directly with stakeholders to request corrected or additional artifacts as needed. The candidate must possess strong written communication skills and the ability to translate technical implementations into defensible compliance documentation., * Bachelor's degree in Cybersecurity, Information Technology, Information Systems, Computer Science, or related field; OR equivalent cybersecurity coursework and practical experience.

  • 10 to 12 years of hands-on cybersecurity GRC experience.
  • One or more of the following certifications: CCSP, CISA, CISM, CISSP
  • Experience supporting or documenting compliance activities aligned with:
  • NIST SP 800-53
  • NIST SP 800-171
  • CMMC
  • Experience developing or maintaining System Security Plans (SSPs).
  • Ability to independently identify evidence gaps and request corrected artifacts from stakeholders.
  • Strong written and verbal communication skills.
  • Ability to work independently and within a team environment., * Familiarity with FedRAMP environments and federal compliance requirements.
  • Security+, CAP, CCP, or similar cybersecurity certification preferred but not required.
  • Experience supporting federal clients or regulated environments preferred.
  • Public Trust eligibility required; Secret clearance eligibility preferred.

Work Environment: This position supports both commercial and federal cybersecurity compliance initiatives within a collaborative and fast-paced environment. Candidates should be comfortable working directly with technical teams, leadership, and client stakeholders while managing multiple concurrent compliance activities.

Benefits & conditions

Pulled from the full job description

  • Professional development assistance
  • Prescription drug insurance
  • Health insurance
  • 401(k) matching
  • Paid time off
  • Vision insurance
  • Dental insurance, IBSS offers a competitive benefits package that includes medical, dental, vision, and prescription drug coverage with a company-paid deductible, paid time off, federal holidays, a matching 401K plan, tuition/professional development reimbursement, and Flex-Spending (FSA)/Dependent Care Account (DCA) options.

About the company

Since 1992, IBSS, a woman-owned small business, has provided transformational consulting services to the Federal defense, civilian, and commercial sectors. Our services include cybersecurity and enterprise information technology, environmental science and engineering (including oceans, coasts, climate, and weather), and professional management services. Our approach is to serve our employees by investing in their growth and development. As a result, our employees bring greater capabilities and provide exceptional service to our clients. In addition to creating career development opportunities for our employees, IBSS is passionate about giving back to the community and serving the environment. We strive to leave something better behind for the next generation. We measure our success by the positive impact we have on our employees, clients, partners, and the communities we serve. Our tagline, Powered by Excellence, is a recognition of the employees that make up IBSS and ensures we deliver results with quality, applying industry best practices and certifications.

Apply for this position