Cybersecurity Governance Risk and Compliance (GRC) Analyst
Apply on
This position is responsible for conducting analysis on cybersecurity data to analyze the judiciary s risk posture through compliance with applicable policies and procedures. The position will assess compliance with selected controls and produce visualizations that demonstrate adherence to the controls across the federal judiciary. This position will be responsible for developing and reporting on key performance indicators to measure the effectiveness of GRC initiatives and the effectiveness of the judiciary s overall cybersecurity program.
Required:
- At least 1 year of experience in cybersecurity risk management and 1 year of experience in compliance analysis.
- Extensive understanding of applicable governing instructions including NIST 800-53 Security & Privacy Controls for Information Systems, the NIST Risk Management Framework and the NIST Cybersecurity Framework.
- Splunk knowledge
This role examines data from different sources with the goal of providing insight to agency, mission/security processes, and information systems. Designs, documents, and implements custom algorithms, workflow processes, and large data sets used for modeling, data mining, and research purposes. Extracts data from various databases. performs exploratory data analysis, cleanses, massages, and aggregates data. Employs scaling & automation to data preparation techniques. Determines analytics approach to solve problems. Connects insights to security decision making options and next steps testing or research opportunities. Understands initiatives and serves as primary analytic resource in discussions with partners to define security questions.