Logo
Cherokee Nation Businesses

Cybersecurity Information Assurance Engineer (GRC Analyst)

Cherokee Nation Businesses, Richmond, Virginia, United States, 23214


Job Description

Cybersecurity Information Assurance Engineer (GRC Analyst)

This position requires the ability to obtain a Public Trust

We are seeking a highly motivated and skilled Cybersecurity Information Assurance Engineer / GRC Analyst (Mid-Level) to support the development of information assurance programs, assist with resolving technical challenges, and contribute to the continuous improvement of cybersecurity governance, risk, and compliance (GRC) processes. Under general supervision, the GRC Analyst will assist in implementing security control guidelines, developing new dashboard views, automating processes, and supporting key cybersecurity initiatives such as the Cybersecurity Framework (CSF) and Continuous Diagnostics and Mitigation (CDM) dashboards. The role also involves supporting compliance with federal mandates, conducting market research, and assisting with High Value Asset (HVA) assessments.

Please Note: This position is for future needs. If you are interested in a future with Cherokee Federal, APPLY TODAY! We are accepting applications.

Compensation & Benefits:Estimated Starting Salary Range for

Cybersecurity Information Assurance Engineer (GRC Analyst) : $160,000 to 175,000Pay commensurate with experience.Full time benefits include Medical, Dental, Vision, 401K and other possible benefits as provided. Benefits are subject to change with or without notice.Cybersecurity Information Assurance Engineer (GRC Analyst) Responsibilities Include:

Assist in the development and implementation of information systems assurance programs and security control guidelines to ensure compliance with cybersecurity standards.Provide support in resolving technical problems, setting priorities, and developing methods for improving cybersecurity processes.Prepare activity and progress reports related to information systems audits and risk assessments, ensuring accurate and timely documentation.Develop new dashboard views to support the Cybersecurity Framework (CSF), establish performance metrics, and integrate APIs to automate reporting and functionality.Define processes to leverage data from the Continuous Diagnostics and Mitigation (CDM) dashboard for enhanced reporting and support stakeholder training on the dashboard's functionality.Support the automation of existing processes using Power Apps or similar tools to streamline operations and reduce manual tasks.Provide analysis and review of new and emerging federal information security and privacy policies, directives, and mandates, ensuring the organization complies within specified timeframes.Identify policy and procedure ownership, track the implementation timelines, and ensure that security controls and compliance requirements are met.Conduct market research to establish a roadmap for modernizing the organization's Governance, Risk, and Compliance (GRC) tool, identifying key requirements to enhance security operations.Assist in agency-led High Value Asset (HVA) assessments in compliance with the Cybersecurity and Infrastructure Security Agency (CISA) Assessment Evaluation and Standardization (AES) Program.Update and enhance the organization's Entity-Wise Business Impact Analysis (EWBIA), ensuring alignment with current cybersecurity and business requirements.Performs other job-related duties as assignedCybersecurity Information Assurance Engineer (GRC Analyst) Experience, Education, Skills, Abilities requested:

Bachelor's degree in Cybersecurity, Information Technology, or a related field.Minimum 5 years of experience in cybersecurity, with a focus on information assurance, governance, risk, and compliance.Possesses IAT Level II certification (e.g., CompTIA Security+, GIAC, or equivalent).Familiarity with the Cybersecurity Framework (CSF), Continuous Diagnostics and Mitigation (CDM) dashboard, and related performance metrics.Experience in automating processes using Power Apps or similar tools to improve operational efficiency.Knowledge of federal cybersecurity mandates and policies, including the ability to analyze and implement new security directives.Strong analytical skills, with the ability to conduct market research and assist in the modernization of GRC tools and processes.Excellent written and verbal communication skills, with the ability to prepare detailed reports and documentation.Strong organizational skills, with the ability to manage multiple tasks and prioritize effectively.Experience supporting High Value Asset (HVA) assessments and compliance with CISA's Assessment Evaluation and Standardization (AES) Program preferred.Familiarity with Entity-Wise Business Impact Analysis (EWBIA) processes and enhancement techniques preferred.Experience in developing and implementing APIs to integrate and automate data reporting processes preferred.Past applicable job experience may include, but is not limited to: Information Security Risk Analyst, Compliance and Assurance Specialist, or Cybersecurity Compliance AnalystMust pass pre-employment qualifications of Cherokee FederalCompany Information:

Cherokee United Services (CUS)

is a part of Cherokee Federal - the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and

serving

the government's mission with compassion and heart. To learn more about

CUS , visit cherokee-federal.com.

#CherokeeFederal #LI-DNI

Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.

Similar searchable job titles

Governance, Risk, and Compliance (GRC) AnalystInformation Security Risk AnalystCompliance and Assurance SpecialistCybersecurity Compliance AnalystInformation Assurance SpecialistKeywords

Risk AssessmentCompliance FrameworksSecurity AuditsPolicy DevelopmentThreat Management

Legal Disclaimer:

Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request.

Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.