Information Security GRC Analyst 3

United Launch Alliance
Decatur, United States of America
8 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
$ 173K

Job location

Decatur, United States of America

Tech stack

Computer Security
Information Systems
Computer Programming
Zero Trust Network Access

Job description

  • Support governance, risk, and compliance activities across unclassified A&D programs.
  • Translate framework requirements (CNSSI 1253, NIST 800171/172, ISO 27001:2022) into actionable technical and procedural controls.
  • Assist with developing, maintaining, and improving System Security Plans (SSPs), POA&Ms, risk registers, and related artifacts.
  • Participate in system categorization, control inheritance, and continuous monitoring activities for information systems and enclaves.
  • Conduct risk assessments, document findings, and work with engineering and operations teams to define mitigation strategies.
  • Support internal and external audits, customer assessments, and inspection readiness activities.
  • Contribute to policy and procedure development and ensure alignment to regulatory, contractual, and corporate requirements.
  • Monitor changes in U.S. government cybersecurity policy, DoD directives, and commercial standards; assess impact to internal environments.
  • Assist with incident response processes from a compliance and documentation perspective.
  • Provide GRC guidance to project teams and stakeholders while maintaining a strong customerservice orientation.

Requirements

This midcareer position is ideal for an analytical, detailoriented professional with a solid grounding in risk management, cybersecurity controls, and compliance operations who is ready to take ownership of significant program responsibilities., Minimum of 4 years of related work experience, * Bachelor's degree in a STEM (Science, Technology, Engineering, Mathematics) field from an accredited college or university

  • Four years of directly related exempt work experience may be used to satisfy the bachelor's degree requirement
  • Working knowledge of at least two of the following frameworks: CNSSI 1253, NIST SP 80053, NIST SP 800171/172, ISO/IEC 27001:2022
  • Experience supporting compliance in regulated or defensealigned environments (DoD, IC, A&D contractors, or similar)
  • Strong analytical, documentation, and communication skills

Preferred Qualifications

  • Experience with Risk Management Framework (RMF) authorization packages or audits
  • Understanding of Zero Trust principles and enhanced cybersecurity requirements under 800172
  • Professional certifications such as Security+, CySA+, CISM, CISSP, CCP, or CCA preferred
  • Experience working with crossfunctional engineering, IT, and programming teams in highsecurity environments
  • Prior experience with DFARS/CMMC compliance preferred

Benefits & conditions

We offer our employees competitive pay and benefits including:

  • 401(k) match plus an additional employer contribution
  • Discretionary annual incentive bonus for eligible employees
  • Generous paid time off
  • Flexible work environments

Additionally, most salaried ULA team members work a "9/80 schedule," meaning they enjoy every other Friday off.

Benefits and work schedules may vary for union-represented hourly positions and are described in the applicable collective bargaining agreement.

About the company

ULA is a participant in the federal E-Verify Program. Posters in PDF format pertaining to this program can be accessed by clicking on the links identified below. E-Verify Participation poster (English / Spanish) and Right to Work Poster (English / Spanish).

Apply for this position