1

Governance Risk Compliance Jobs in Reston, VA (NOW HIRING)

AI Governance Analyst

Reston, VA

$86K - $102K/yr

... governance frameworks, privacy expectations, and emerging regulations ... This role will report to the Technology Risk and Compliance Sr. Director. This is a hybrid position ...

AI Governance Analyst

Reston, VA

$86K - $102K/yr

... governance frameworks, privacy expectations, and emerging regulations ... This role will report to the Technology Risk and Compliance Sr. Director. This is a hybrid position ...

You will translate these requirements into roadmap implications, compliance strategies, and ... Required * 8+ years of experience across governance, risk, security, privacy, compliance, or ...

Assessment & Authorization (A&A), CISSP, Cyber Security Governance, Governance Risk Compliance (GRC), NIST 800-53 Certifications: None Experience: 10 + years of related experience US Citizenship ...

next page

Showing results 1-20

Governance Risk Compliance information

See Reston, VA salary details

$32.8K

$71.5K

$116.5K

How much do governance risk compliance jobs pay per year?

As of Jul 14, 2026, the average yearly pay for governance risk compliance in Reston, VA is $71,505.00, according to ZipRecruiter salary data. Most workers in this role earn between $51,000.00 and $90,000.00 per year, depending on experience, location, and employer.

Is GRC an entry level job?

Governance, Risk, and Compliance (GRC) roles can be entry-level or require experience depending on the specific position. Entry-level GRC jobs typically focus on supporting compliance activities and may require basic knowledge of regulations and tools like audit software, while more advanced roles demand prior experience and specialized certifications.

Is governance risk and compliance a good career?

Governance, Risk, and Compliance (GRC) is a growing field that offers opportunities in managing organizational policies, regulatory requirements, and risk mitigation. It often requires knowledge of industry standards, certifications like CISA or CRISC, and strong analytical skills. The role provides stability and advancement potential in various industries, including finance, healthcare, and technology.

What is the work of governance risk and compliance?

Governance, Risk, and Compliance (GRC) professionals develop and implement policies to ensure organizations adhere to legal and regulatory requirements, manage risks effectively, and maintain ethical standards. They often use tools like risk assessments, audits, and compliance frameworks to identify vulnerabilities and ensure organizational integrity. The role requires strong analytical skills and knowledge of industry regulations.

What Are Jobs in Governance, Risk and Compliance?

Governance risk compliance (GRC) is a method for managing and strategizing an organization's regulations regarding governance, financial or physical risk, and regulatory compliance. It aligns the IT aspects with business objectives and works to improve the efficiency of a company. There are GRC consultants and GRC analysts who provide an assessment of a business’s GRC, identify risks, analyze the data, develop policies to benefit the workplace, and consult on the best choice of action. Your duties may involve optimizing GRC systems, implementing tactics to lower risk, providing internal audits, assisting with cybersecurity, creating routine reports, and ensuring regulatory compliance.

What is the salary of governance risk compliance?

The salary for a Governance, Risk, and Compliance (GRC) professional typically ranges from $70,000 to $130,000 annually, depending on experience, location, and certifications such as CISA or CRISC. Entry-level roles may start lower, while senior positions or those in high-demand industries can earn higher salaries.

What is Governance, Risk, and Compliance (GRC)?

Governance, Risk, and Compliance (GRC) is a coordinated strategy that organizations use to manage overall governance, enterprise risk management, and compliance with regulations and standards. GRC professionals help organizations align their business objectives with risk management practices and regulatory requirements. This role involves identifying potential risks, implementing policies to mitigate those risks, and ensuring that the organization adheres to legal, ethical, and internal standards. Effective GRC management can improve decision-making, optimize processes, and protect the organization from financial or reputational harm.

How does a Governance, Risk, and Compliance (GRC) professional typically collaborate with other departments within an organization?

GRC professionals work closely with a variety of departments, including IT, legal, finance, and operations, to ensure that organizational policies and regulatory requirements are consistently met. Collaboration often involves leading risk assessments, facilitating compliance training, and coordinating audits to identify and mitigate potential risks. Effective communication and relationship-building are key, as GRC teams must translate complex regulations into actionable steps for different business units. This cross-functional approach helps embed a culture of compliance and risk awareness throughout the organization.

What is the difference between Governance Risk Compliance vs Risk Analyst?

AspectGovernance Risk ComplianceRisk Analyst
CertificationsCRISC, CISA, CISSPCFA, FRM, CRISC
Work EnvironmentCorporate, regulated industriesFinancial, consulting firms
Employer & Industry UsageFinancial institutions, healthcare, governmentBanking, investment firms, insurance

Governance Risk Compliance focuses on establishing policies, ensuring regulatory adherence, and managing enterprise-wide risks. Risk Analysts primarily assess specific financial or operational risks through data analysis. While both roles involve risk management, Governance Risk Compliance has a broader scope related to organizational compliance and governance frameworks, whereas Risk Analysts concentrate on analyzing and quantifying particular risks.

What are the key skills and qualifications needed to thrive as a Governance Risk Compliance (GRC) professional, and why are they important?

To thrive as a Governance Risk Compliance professional, you need a solid understanding of regulatory frameworks, risk management principles, and policy development, often supported by a degree in business, law, or information security. Familiarity with GRC software platforms, compliance management systems, and certifications like CISA, CRISC, or CISSP is highly valuable. Strong analytical thinking, attention to detail, and effective communication skills set top performers apart in this field. These competencies are essential for ensuring organizational compliance, minimizing risks, and maintaining robust corporate governance.
What are the most commonly searched types of Governance Risk Compliance jobs in Reston, VA? The most popular types of Governance Risk Compliance jobs in Reston, VA are:
What are popular job titles related to Governance Risk Compliance jobs in Reston, VA? For Governance Risk Compliance jobs in Reston, VA, the most frequently searched job titles are:
What job categories do people searching Governance Risk Compliance jobs in Reston, VA look for? The top searched job categories for Governance Risk Compliance jobs in Reston, VA are:
What cities near Reston, VA are hiring for Governance Risk Compliance jobs? Cities near Reston, VA with the most Governance Risk Compliance job openings:
Infographic showing various Governance Risk Compliance job openings in Reston, VA as of July 2026, with employment types broken down into 1% As Needed, 82% Full Time, 12% Part Time, 1% Temporary, and 4% Contract. Highlights an 93% Physical, 2% Hybrid, and 5% Remote job distribution, with an average salary of $71,505 per year, or $34.4 per hour.

AWS Cloud Governance & Compliance Advisor (Top Secret)

UltraViolet Cyber

Springfield, VA • On-site

$110K - $160K/yr

Other

Medical, Dental, Vision, Life, Retirement

Posted 28 days ago


Job description

Make a difference here.

UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.

By creating continuously optimized identification, detection, and resilience from today's dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India. 

The Cloud Governance & Compliance Advisor will lead the assessment of cybersecurity governance frameworks, policies, and compliance programs to determine alignment with regulatory requirements and industry best practices. The Cloud Governance & Compliance
What You'll Do:

   Review and evaluate cybersecurity governance frameworks, policies, standards, and procedures
   Assess compliance with regulatory and industry standards such as: 
o    GDPR, HIPAA, SOC 2
o    NIST Cybersecurity Framework (CSF)
o    NIST SP 800-53
o    ISO/IEC 27001
o    Cloud Security Alliance (CSA) Cloud Controls Matrix
   Apply maturity models (e.g., NIST CSF, CMMI) to establish a current-state baseline
   Conduct interviews with compliance stakeholders and business leaders
   Perform detailed document reviews (policies, procedures, audit reports)
   Evaluate AWS governance processes and controls in regulated environments
   Identify gaps in governance, risk management, and compliance capabilities
   Develop actionable recommendations to improve governance structure and compliance posture
What You've Done:
   8+ years of experience in cybersecurity governance, risk, and compliance assessments
   Expertise in regulatory frameworks and audit/assessment processes
   Deep expertise in NIST, ISO, CSA CCM, and federal compliance frameworks
Core Certifications:
   CISSP - broad coverage across governance, risk, and controls
   CISM (Certified Information Security Manager) - governance and program oversight focus
   CRISC (Certified in Risk and Information Systems Control) - risk management emphasis
Compliance-Specific:
   CISA (Certified Information Systems Auditor) 
   ISO/IEC 27001 Lead Implementer or Lead Auditor
   CCSK (Certificate of Cloud Security Knowledge)
Clearance Requirement:
   Active TS/SCI with SCI Polygraph (or eligible)
$110,000 - $160,000 a year
  • 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed  
  • Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)  
  • Group Term Life, Short-Term Disability, Long-Term Disability  
  • Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness  
  • Participation in the Discretionary Time Off (DTO) Program  
  • 11 Paid Holidays Annually 

We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.

UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status. 

If you want to make an impact, UltraViolet Cyber is the place for you! 
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
apply for this job