Lead Governance, Risk & Compliance (GRC) Developing and maintaining enterprise cybersecurity governance programs Driving compliance with ISO 27001, NIST 800-171, CMMC, RMF, SOX, GDPR, NIS2, TISAX ...
Lead Governance, Risk & Compliance (GRC) Developing and maintaining enterprise cybersecurity governance programs Driving compliance with ISO 27001, NIST 800-171, CMMC, RMF, SOX, GDPR, NIS2, TISAX ...
This includes assessing cybersecurity risk, control testing and monitoring, identification and ... engineering governance, risk and compliance solutions to help automate testing and compliance ...
This includes assessing cybersecurity risk, control testing and monitoring, identification and ... engineering governance, risk and compliance solutions to help automate testing and compliance ...
(703) Cybersecurity Information System Security Officer (ISSO) with Security Clearance
Arlington, VA · On-site
... compliant, and mission-ready by leading Assessment & Authorization (A&A), Continuous Monitoring (ConMon), cybersecurity governance, and risk management activities. The position requires close ...
(703) Cybersecurity Information System Security Officer (ISSO) with Security Clearance
Arlington, VA · On-site
... compliant, and mission-ready by leading Assessment & Authorization (A&A), Continuous Monitoring (ConMon), cybersecurity governance, and risk management activities. The position requires close ...
ProSidian provides enterprise services/solutions for Risk Management | Compliance | Business ... We seek Governance & Risk Analyst | Human Capital Programmatic Evaluation & Compliance - Policy ...
ProSidian provides enterprise services/solutions for Risk Management | Compliance | Business ... We seek Governance & Risk Analyst | Human Capital Programmatic Evaluation & Compliance - Policy ...
Cybersecurity Manager
Chantilly, VA · On-site
$164K/yr
Knowledge of cybersecurity governance, risk management principles, and compliance management practices. * Skill in leading and managing cybersecurity teams supporting multiple programs, contracts, or ...
Cybersecurity Manager
Chantilly, VA · On-site
$164K/yr
Knowledge of cybersecurity governance, risk management principles, and compliance management practices. * Skill in leading and managing cybersecurity teams supporting multiple programs, contracts, or ...
Knowledge of cybersecurity governance, risk management principles, and compliance management practices. * Skill in leading and managing cybersecurity teams supporting multiple programs, contracts, or ...
Knowledge of cybersecurity governance, risk management principles, and compliance management practices. * Skill in leading and managing cybersecurity teams supporting multiple programs, contracts, or ...
Knowledge of cybersecurity governance, risk management principles, and compliance management practices. * Skill in leading and managing cybersecurity teams supporting multiple programs, contracts, or ...
Knowledge of cybersecurity governance, risk management principles, and compliance management practices. * Skill in leading and managing cybersecurity teams supporting multiple programs, contracts, or ...
Policy Analyst/Technical Writer
Arlington, VA · On-site
$85K - $105K/yr
Argo Cyber Systems is seeking a Policy Analyst / Technical Writer to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate ...
Quick apply
Policy Analyst/Technical Writer
Arlington, VA · On-site
$85K - $105K/yr
Argo Cyber Systems is seeking a Policy Analyst / Technical Writer to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate ...
Argo Cyber Systems is seeking a Policy Analyst / Technical Writer to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate ...
Argo Cyber Systems is seeking a Policy Analyst / Technical Writer to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate ...
Cybersecurity Manager
Chantilly, VA · On-site
$164K/yr
Knowledge of cybersecurity governance, risk management principles, and compliance management practices. * Skill in leading and managing cybersecurity teams supporting multiple programs, contracts, or ...
Cybersecurity Manager
Chantilly, VA · On-site
$164K/yr
Knowledge of cybersecurity governance, risk management principles, and compliance management practices. * Skill in leading and managing cybersecurity teams supporting multiple programs, contracts, or ...
Governance Risk Compliance (GRC) Manager
Vienna, VA · On-site
$140K - $170K/yr
... compliance posture * Support vendor security reviews on both sides: evaluating vendors we onboard and participating in customer-side reviews of us Risk Management * Maintain the risk register and ...
Governance Risk Compliance (GRC) Manager
Vienna, VA · On-site
$140K - $170K/yr
... compliance posture * Support vendor security reviews on both sides: evaluating vendors we onboard and participating in customer-side reviews of us Risk Management * Maintain the risk register and ...
Policy Control Analyst
Arlington, VA · On-site
Argo Cyber Systems is seeking a Program Control Analyst to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
Policy Control Analyst
Arlington, VA · On-site
Argo Cyber Systems is seeking a Program Control Analyst to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
Cybersecurity Manager with Security Clearance
Chantilly, VA · On-site
$164K/yr
Knowledge of cybersecurity governance, risk management principles, and compliance management practices. * Skill in leading and managing cybersecurity teams supporting multiple programs, contracts, or ...
Cybersecurity Manager with Security Clearance
Chantilly, VA · On-site
$164K/yr
Knowledge of cybersecurity governance, risk management principles, and compliance management practices. * Skill in leading and managing cybersecurity teams supporting multiple programs, contracts, or ...
... Governance, Risk, and Compliance (GRC) platforms • Translate Executive Orders, federal cybersecurity policies, NIST guidance, and emerging security requirements into actionable architectures ...
... Governance, Risk, and Compliance (GRC) platforms • Translate Executive Orders, federal cybersecurity policies, NIST guidance, and emerging security requirements into actionable architectures ...
Training Specialist
Arlington, VA · On-site
$75K - $95K/yr
Argo Cyber Systems is seeking a Training Specialist to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
Quick apply
Training Specialist
Arlington, VA · On-site
$75K - $95K/yr
Argo Cyber Systems is seeking a Training Specialist to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
Policy Control Analyst
Arlington, VA · On-site
Argo Cyber Systems is seeking a Program Control Analyst to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
Quick apply
Policy Control Analyst
Arlington, VA · On-site
Argo Cyber Systems is seeking a Program Control Analyst to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
Senior Analyst, Cybersecurity GRC
Washington, DC · On-site
$113K - $146K/yr
... Governance, Risk and Compliance, and TPRM due diligence/reassessment assessments and associated remediations. Senior Analyst, Cybersecurity GRC Qualifications: - Bachelor's degree (required) and at ...
Senior Analyst, Cybersecurity GRC
Washington, DC · On-site
$113K - $146K/yr
... Governance, Risk and Compliance, and TPRM due diligence/reassessment assessments and associated remediations. Senior Analyst, Cybersecurity GRC Qualifications: - Bachelor's degree (required) and at ...
Training Specialist
Arlington, VA · Hybrid
Argo Cyber Systems is seeking a Training Specialist to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
Training Specialist
Arlington, VA · Hybrid
Argo Cyber Systems is seeking a Training Specialist to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
(705) Cybersecurity Analyst
Arlington, VA · On-site
The Cybersecurity Analyst serves as a trusted cybersecurity advisor responsible for supporting Risk ... Experience with Xacta, eMASS, or other Governance, * Risk, and Compliance (GRC) platforms.
(705) Cybersecurity Analyst
Arlington, VA · On-site
The Cybersecurity Analyst serves as a trusted cybersecurity advisor responsible for supporting Risk ... Experience with Xacta, eMASS, or other Governance, * Risk, and Compliance (GRC) platforms.
Manage vulnerability, risk, and incident response processes in alignment with FedRAMP, NIST RMF ... Bachelor's degree in cybersecurity, information security, computer science, or a related discipline ...
Manage vulnerability, risk, and incident response processes in alignment with FedRAMP, NIST RMF ... Bachelor's degree in cybersecurity, information security, computer science, or a related discipline ...
Cybersecurity Governance Risk Compliance information
See Reston, VA salary details
$23.9K - $36K
0% of jobs
$36K - $48K
0% of jobs
$48K - $60.1K
1% of jobs
$60.1K - $72.2K
2% of jobs
$72.2K - $84.2K
2% of jobs
$84.2K - $96.3K
8% of jobs
$103.9K is the 25th percentile. Wages below this are outliers.
$96.3K - $108.3K
18% of jobs
The median wage is $119.4K / yr.
$108.3K - $120.4K
20% of jobs
$132.1K is the 75th percentile. Wages above this are outliers.
$120.4K - $132.5K
24% of jobs
$132.5K - $144.5K
18% of jobs
$144.5K - $156.6K
6% of jobs
$23.9K
$118.3K
$156.6K
How much do cybersecurity governance risk compliance jobs pay per year?
What is the difference between Cybersecurity Governance Risk Compliance vs Cybersecurity Analyst?
| Aspect | Cybersecurity Governance Risk Compliance | Cybersecurity Analyst |
|---|---|---|
| Certifications | CISA, CISSP, CISM | CompTIA Security+, CISSP, CEH |
| Work Environment | Policy development, audits, compliance frameworks | Monitoring security systems, incident response |
| Employer & Industry Usage | Organizations with compliance needs, regulatory bodies | IT security teams, cybersecurity firms |
While Cybersecurity Governance Risk Compliance focuses on establishing policies, ensuring regulatory adherence, and managing risks, Cybersecurity Analysts primarily monitor security systems, analyze threats, and respond to incidents. Both roles are essential in a comprehensive cybersecurity strategy but differ in scope and daily responsibilities.
What are the key skills and qualifications needed to thrive as a Cybersecurity Governance, Risk, and Compliance (GRC) professional, and why are they important?
What are some typical challenges faced by professionals in Cybersecurity Governance, Risk, and Compliance (GRC) roles?
What is Cybersecurity Governance, Risk, and Compliance (GRC)?

Other
Posted 9 days ago
Job description
Driving compliance with ISO 27001, NIST 800-171, CMMC, RMF, SOX, GDPR, NIS2, TISAX, and related regulatory frameworksCreating and maintaining cybersecurity policies, standards, procedures, and governance documentation
Developing System Security Plans (SSPs), Electronic Communications Plans (ECPs), and Plans of Action & Milestones (POA&Ms)
Partnering with control owners to manage risks, exceptions, and continuous compliance improvements
Drive Enterprise Security Programs Conducting cybersecurity risk assessments
Monitoring security controls and regulatory compliance
Supporting secure systems architecture and enterprise network security initiatives
Collaborating with engineering teams on secure identity management, authentication, authorization, and access control
Supporting secure cloud and hybrid infrastructure environments
Lead Audit Readiness Preparing the organization for internal audits, customer assessments, and regulatory reviews
Coordinating audit evidence collection across cross-functional teams
Supporting CMMC assessments and RMF accreditation activities
Maintaining audit-ready documentation and cybersecurity artifacts
Strengthen Enterprise Resilience Leading Business Impact Assessments (BIAs)
Maintaining business continuity and disaster recovery programs
Conducting tabletop exercises
Developing cyber incident response and continuity playbooks
Manage Third-Party Cybersecurity Risk Performing vendor cybersecurity assessments
Evaluating supplier security documentation
Tracking remediation activities
Supporting cybersecurity contract reviews and right-to-audit requirements
Strengthening supply chain security posture
Partner Across the Business Collaborating with Architecture, Engineering, Product Security, IT, and executive leadership
Supporting Government Security Committee initiatives
Delivering executive briefings on cybersecurity posture and organizational risk
Promoting cybersecurity awareness and role-based training programs
What You Need: U.S. Citizenship and ability to obtain / maintain a Secret Clearance
Seven (7) or more years of cybersecurity, information assurance, GRC, compliance, or audit experience
Experience supporting DoD contractors, federal agencies, FOCI-mitigated organizations, or other highly regulated environments
Experience developing enterprise cybersecurity governance programs
Experience developing and maintaining SSPs, ECPs, and POA&Ms
Working knowledge of: ISO 2700, NIST 800-171, CMMC, RMF, SOX, GDPR, TISAX
Experience with cybersecurity compliance platforms and GRC tools
Strong technical writing, documentation, and communication skills
Ability to communicate effectively with executives, auditors, customers, and technical teams
Ability to meet with team members in Washington, DC Metro office monthly or as needed.
It's a Plus If You Have This: Active Secret Clearance
Experience supporting FOCI-mitigated organizations
Experience establishing cybersecurity programs for newly formed organizations
Secure enterprise architecture experience
Enterprise networking expertise
SOC, SIEM, and SOAR strategy experience
Vendor Risk Management experience
Supply chain cybersecurity experience
Business continuity and disaster recovery leadership
Technical Operations Center experience
Experience with: Splunk, Nessus Security Center, WebInspect, Xacta, Tanium, Microsoft Azure, AWS/C2S, VMware, Nutanix, PowerShell, SQL Security, STIG compliance, SecDevOps
Professional certifications such as: CISSP, CISM, CISA, CEH, ITIL, CCNP, JNCIA, ISO Lead Auditor
What's In It For You: Join a rapidly growing organization focused on national security innovation
Help shape enterprise cybersecurity strategy from the ground up
Work alongside experienced engineers, architects, and cybersecurity professionals
Influence security architecture supporting next-generation defense technologies
Competitive compensation and comprehensive benefits
Opportunity to make a direct impact on mission-critical U.S. defense programs
About the Company Wind RiverX delivers advanced software and engineering solutions for mission-critical aerospace, defense, and intelligent edge systems, supporting some of the world's most demanding operational environments. As a subsidiary of Wind River, whose software has powered aerospace, autonomous systems, commercial aviation, and defense platforms for more than four decades, Wind RiverX combines proven technical excellence with the speed and agility of a modern defense software company. Working closely with government and industry partners, Wind RiverX develops secure, software-defined solutions that strengthen digital resilience across air, land, sea, cyber, and space domains. The company values collaboration, technical excellence, integrity, and innovation while empowering employees to solve some of the nation's most complex technology challenges.
About SG2 Recruiting
Sourced by ZipRecruiter
Industry
Recruiting and staffing services
Company size
1 - 10 Employees
Headquarters location
Fairfax, VA, US
Year founded
2013