The governance challenge is not getting people to use AI it is keeping pace with a workforce that already does, while ensuring every deployment meets the risk, security, and compliance standards that ...
The governance challenge is not getting people to use AI it is keeping pace with a workforce that already does, while ensuring every deployment meets the risk, security, and compliance standards that ...
Reporting directly to the Firm's Director of Information Security, the Security Governance, Risk, and Compliance (GRC) Manager is considered an essential position in safeguarding our Firm's data and ...
Reporting directly to the Firm's Director of Information Security, the Security Governance, Risk, and Compliance (GRC) Manager is considered an essential position in safeguarding our Firm's data and ...
Compliance Analyst
Arlington, VA · Hybrid
Argo Cyber Systems is seeking a Compliance Analyst to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
Compliance Analyst
Arlington, VA · Hybrid
Argo Cyber Systems is seeking a Compliance Analyst to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
Compliance Analyst
Arlington, VA · On-site
$110K - $130K/yr
Argo Cyber Systems is seeking a Compliance Analyst to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
Quick apply
Compliance Analyst
Arlington, VA · On-site
$110K - $130K/yr
Argo Cyber Systems is seeking a Compliance Analyst to support cybersecurity governance, risk, compliance, and modernization activities in federal environments. The selected candidate will work ...
GDMS Senior AI Governance & Risk Specialist
Chantilly, VA · On-site
$144K - $152K/yr
The governance challenge is not getting people to use AI it is keeping pace with a workforce that already does, while ensuring every deployment meets the risk, security, and compliance standards that ...
GDMS Senior AI Governance & Risk Specialist
Chantilly, VA · On-site
$144K - $152K/yr
The governance challenge is not getting people to use AI it is keeping pace with a workforce that already does, while ensuring every deployment meets the risk, security, and compliance standards that ...
Sr. AI Program Analyst
Mclean, VA · Hybrid
$60K - $123K/yr
Minimum 5 years of experience in AI, governance, risk, compliance, audit, or policy. * Proficiency in data analysis and statistical methods required. * Strong understanding of AI/ML principles, bias ...
Sr. AI Program Analyst
Mclean, VA · Hybrid
$60K - $123K/yr
Minimum 5 years of experience in AI, governance, risk, compliance, audit, or policy. * Proficiency in data analysis and statistical methods required. * Strong understanding of AI/ML principles, bias ...
AVP, AI Risk and Governance
Arlington, VA · On-site +1
$117K - $195K/yr
This role involves managing and establishing AI governance frameworks, performing risk assessments, and ensuring compliance with regulatory requirements. With a strong analytical background, the AVP ...
AVP, AI Risk and Governance
Arlington, VA · On-site +1
$117K - $195K/yr
This role involves managing and establishing AI governance frameworks, performing risk assessments, and ensuring compliance with regulatory requirements. With a strong analytical background, the AVP ...
AVP, AI Risk and Governance
Arlington, VA · On-site
$117K - $195K/yr
This role involves managing and establishing AI governance frameworks, performing risk assessments, and ensuring compliance with regulatory requirements. With a strong analytical background, the AVP ...
AVP, AI Risk and Governance
Arlington, VA · On-site
$117K - $195K/yr
This role involves managing and establishing AI governance frameworks, performing risk assessments, and ensuring compliance with regulatory requirements. With a strong analytical background, the AVP ...
Technical Risk Manager
Washington, DC · Remote
Risk, Compliance & Independent Certification Support Governance / Compliance / Technical as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF ...
Quick apply
Technical Risk Manager
Washington, DC · Remote
Risk, Compliance & Independent Certification Support Governance / Compliance / Technical as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF ...
Risk, Compliance & Independent Certification Support Governance / Compliance as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF) Advisory ...
Quick apply
Risk, Compliance & Independent Certification Support Governance / Compliance as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF) Advisory ...
VP, First Line Risk & Compliance
Chevy Chase, MD · On-site
$133K - $178K/yr
... governance forums * Lead issue identification, root cause analysis, remediation planning, and ... operations, risk management, or compliance within a regulated financial institution required
VP, First Line Risk & Compliance
Chevy Chase, MD · On-site
$133K - $178K/yr
... governance forums * Lead issue identification, root cause analysis, remediation planning, and ... operations, risk management, or compliance within a regulated financial institution required
SPA has an immediate need for SIPR Governance, Risk, and Compliance (GRC) & Security Analyst within the U.S. Army's General Fund Enterprise Business System - Sensitive Activities (GFEBS-SA). This ...
SPA has an immediate need for SIPR Governance, Risk, and Compliance (GRC) & Security Analyst within the U.S. Army's General Fund Enterprise Business System - Sensitive Activities (GFEBS-SA). This ...
VP, First Line Risk & Compliance
Chevy Chase, MD · On-site
$133K - $178K/yr
... governance forums * Lead issue identification, root cause analysis, remediation planning, and ... operations, risk management, or compliance within a regulated financial institution required
VP, First Line Risk & Compliance
Chevy Chase, MD · On-site
$133K - $178K/yr
... governance forums * Lead issue identification, root cause analysis, remediation planning, and ... operations, risk management, or compliance within a regulated financial institution required
Risk, Compliance & Independent Certification Support Governance / Compliance as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF) Advisory ...
Risk, Compliance & Independent Certification Support Governance / Compliance as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF) Advisory ...
VP, First Line Risk & Compliance
Chevy Chase, MD · On-site
$130K - $160K/yr
... governance forums * Lead issue identification, root cause analysis, remediation planning, and ... operations, risk management, or compliance within a regulated financial institution required
Quick apply
VP, First Line Risk & Compliance
Chevy Chase, MD · On-site
$130K - $160K/yr
... governance forums * Lead issue identification, root cause analysis, remediation planning, and ... operations, risk management, or compliance within a regulated financial institution required
Risk, Compliance & Independent Certification Support Compliance / Governance as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF) Advisory ...
Quick apply
Risk, Compliance & Independent Certification Support Compliance / Governance as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF) Advisory ...
Risk, Compliance & Independent Certification Support Compliance / Governance as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF) Advisory ...
Risk, Compliance & Independent Certification Support Compliance / Governance as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF) Advisory ...
SAP Governance Risk and Compliance (GRC) Process Controls Consultant
Washington, DC · On-site
$176K/yr
The work The Subject Matter Expert (SME) for SAP Governance Risk and Compliance (GRC) Process Controls (PC) will provide expert guidance throughout the S/4HANA implementation project. This person ...
SAP Governance Risk and Compliance (GRC) Process Controls Consultant
Washington, DC · On-site
$176K/yr
The work The Subject Matter Expert (SME) for SAP Governance Risk and Compliance (GRC) Process Controls (PC) will provide expert guidance throughout the S/4HANA implementation project. This person ...
Risk, Compliance & Independent Certification Support Governance / Compliance as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF) Advisory ...
Risk, Compliance & Independent Certification Support Governance / Compliance as part of an as part of an Independent Engineering (IE) Advisory Services | Energy Dominance Financing (EDF) Advisory ...
SAP Governance Risk and Compliance (GRC) Process Controls Consultant
Washington, DC · On-site
$86K - $176K/yr
The work The Subject Matter Expert (SME) for SAP Governance Risk and Compliance (GRC) Process Controls (PC) will provide expert guidance throughout the S/4HANA implementation project. This person ...
SAP Governance Risk and Compliance (GRC) Process Controls Consultant
Washington, DC · On-site
$86K - $176K/yr
The work The Subject Matter Expert (SME) for SAP Governance Risk and Compliance (GRC) Process Controls (PC) will provide expert guidance throughout the S/4HANA implementation project. This person ...
Governance Risk Compliance information
See Reston, VA salary details
$32.8K - $40.4K
12% of jobs
$40.4K - $48K
7% of jobs
$50.6K is the 25th percentile. Wages below this are outliers.
$48K - $55.6K
17% of jobs
$55.6K - $63.2K
10% of jobs
The median wage is $65.3K / yr.
$63.2K - $70.8K
16% of jobs
$70.8K - $78.5K
9% of jobs
$83.3K is the 75th percentile. Wages above this are outliers.
$78.5K - $86.1K
7% of jobs
$86.1K - $93.7K
5% of jobs
$93.7K - $101.3K
7% of jobs
$101.3K - $108.9K
5% of jobs
$108.9K - $116.5K
4% of jobs
$32.8K
$71.5K
$116.5K
How much do governance risk compliance jobs pay per year?
Is GRC an entry level job?
Is governance risk and compliance a good career?
What is the work of governance risk and compliance?
What Are Jobs in Governance, Risk and Compliance?
Governance risk compliance (GRC) is a method for managing and strategizing an organization's regulations regarding governance, financial or physical risk, and regulatory compliance. It aligns the IT aspects with business objectives and works to improve the efficiency of a company. There are GRC consultants and GRC analysts who provide an assessment of a business’s GRC, identify risks, analyze the data, develop policies to benefit the workplace, and consult on the best choice of action. Your duties may involve optimizing GRC systems, implementing tactics to lower risk, providing internal audits, assisting with cybersecurity, creating routine reports, and ensuring regulatory compliance.
What is the salary of governance risk compliance?
What is Governance, Risk, and Compliance (GRC)?
How does a Governance, Risk, and Compliance (GRC) professional typically collaborate with other departments within an organization?
What is the difference between Governance Risk Compliance vs Risk Analyst?
| Aspect | Governance Risk Compliance | Risk Analyst |
|---|---|---|
| Certifications | CRISC, CISA, CISSP | CFA, FRM, CRISC |
| Work Environment | Corporate, regulated industries | Financial, consulting firms |
| Employer & Industry Usage | Financial institutions, healthcare, government | Banking, investment firms, insurance |
Governance Risk Compliance focuses on establishing policies, ensuring regulatory adherence, and managing enterprise-wide risks. Risk Analysts primarily assess specific financial or operational risks through data analysis. While both roles involve risk management, Governance Risk Compliance has a broader scope related to organizational compliance and governance frameworks, whereas Risk Analysts concentrate on analyzing and quantifying particular risks.
What are the key skills and qualifications needed to thrive as a Governance Risk Compliance (GRC) professional, and why are they important?
- What steps are key to getting into the field of Governance Risk Compliance?
- Is a Governanc Risk Compliance a good career?
- How Can I Get a Job in Governance, Risk and Compliance?
- What is the salary for a Governance Risk Compliance job?
- Governance Risk Compliance Jobs - What Are They and How to Get One
- Governance Risk Compliance Job Description Sample Template

GDMS Senior AI Governance & Risk Specialist
Chantilly, VA • On-site
Full-time
Posted 21 days ago
General Dynamics Mission Systems rating
7.7
Based on 29 frontline employees who took The Breakroom Quiz
121st of 209 rated software companies
Job description
Bachelor's degree or equivalent is required or the combination of education and relevant work experience plus minimum of 8 years of relevant experience; or Master's degree plus a minimum of 6 years of relevant experience.
Due to the nature of work performed within our facilities, U.S. citizenship is required.
Job Description
GDMS operates one of the largest enterprise AI deployments in the defense industry not as a pilot program, not as a proof of concept, but deeply embedded in how our workforce operates every day. Adoption is broad, active, and accelerating, spanning generative AI copilots, LLM-powered applications, and a rapidly growing portfolio of agentic and autonomous AI systems. The governance challenge is not getting people to use AI it is keeping pace with a workforce that already does, while ensuring every deployment meets the risk, security, and compliance standards that mission-critical defense work demands.
As a Sr. AI Governance & Risk Specialist, you will be a core practitioner on the Agentic AI Governance team, executing the day-to-day work that keeps GDMS AI deployment safe, accountable, and trusted. You will conduct and lead AI risk assessments, including real-time risk evaluation for active and in-flight deployments, perform governance audits, evaluate and ensure adherence to government and corporate AI regulations, lead implementation of corrective actions, and serve as a subject matter expert for engineering and program teams navigating the AI lifecycle. You will work directly with agentic tools and applications, bringing firsthand understanding of how they behave, where they fail, and what governance controls actually matter in practice.
This role requires a blend of technical literacy and governance discipline. You do not need to be a researcher or model trainer, but you must understand how AI systems work well enough to assess risk with precision rather than reflexive caution. The right candidate has used agentic tools hands-on, can evaluate an agentic workflow for failure modes, and can translate a NIST AI RMF control into a practical check a program team can execute. You will coordinate with Legal, Privacy, Business Unit leads, AI Reliability Engineering and the Cybersecurity organization to keep GDMS AI velocity ahead of the market without accumulating unacceptable risk. This is foundational work that bridges policy, risk, and technical implementation, requiring sound judgment, the ability to make independent stakeholder judgment calls, and direct accountability for the recommendations you put forward.
Key Responsibilities
AI Governance Execution & Assessment
- Conduct and lead comprehensive AI risk assessments and governance audits against emerging regulations for generative AI, LLM-based, and agentic applications; document findings, risk ratings, and mitigation strategies, and lead the implementation of corrective actions.
- Evaluate and ensure adherence to government and corporate AI policies, standards, and regulations across the six layers: AI inventory and discovery; data governance; security and access controls; model assurance; human oversight; and compliance and audit.
- Apply and maintain tiered governance frameworks calibrated to risk level, ensuring low-risk use cases clear quickly while mid- and high-risk applications receive appropriate scrutiny and escalation.
- Maintain the enterprise AI use inventory and control framework, including system inventory, risk register, shadow AI detection, approved use catalog, and control mapping, with accurate and current governance tracking; support dashboard reporting and KPI monitoring for AI governance program health.
- Prepare governance recommendations for approval and escalation, ensuring mid- and high-risk AI systems are escalated with clear risk rationale and decision support materials.
- Support development of self-service governance tooling, checklists, and playbooks that enable program teams to adopt AI responsibly without requiring individual review for low-risk applications.
Agentic AI Risk & Technical Assessment
- Assess risks specific to agentic AI systems and multi-agent architectures including tool-calling behavior, memory and retrieval systems, external API access, autonomous decision loops, and agent-to-agent communication patterns.
- Apply failure mode analysis to evaluate behavioral boundaries, unintended action risks, adversarial prompt vulnerabilities, and out-of-scope execution risks for agentic deployments.
- Evaluate and document human-in-the-loop (HITL) requirements and escalation thresholds appropriate to each agentic use case based on risk level, decision reversibility, and mission context.
- Conduct hands-on evaluation of agentic tools and platforms including AI coding assistants, copilot-style applications, and multi-agent orchestration frameworks to ground governance assessments in actual system behavior rather than vendor documentation alone.
- Implement measures to monitor and mitigate risks associated with AI systems and data flows across GDMS IT and network infrastructure; investigate and manage responses to AI governance incidents, anomalies, and inquiries, working to prevent and mitigate exposure.
Policy, Standards & Regulatory Compliance
- Maintain AI governance policies for responsible AI deployment, integrating government and corporate AI requirements into policy, standards, procedures, and operational guidance; own the policy lifecycle from drafting through review, approval, and periodic refresh aligned to enterprise risk priorities and evolving regulatory expectations.
- Translate regulatory requirements, including NIST AI RMF, OWASP Top 10 for LLMs, MITRE ATLAS, the EU AI Act, applicable U.S. Executive Orders on AI, and ISO 42001, into clear, actionable internal controls and assessment criteria without creating bureaucratic drag.
- Monitor the evolving domestic and international AI regulatory landscape; identify changes with organizational impact and escalate findings with recommended policy responses.
- Coordinate with Privacy, Legal, Cybersecurity, and IT leadership and assess compliance risk against emerging AI regulations, including the EU AI Act, applicable U.S. Executive Orders on AI, and evolving DoD and federal AI policy, identifying control gaps, quantifying exposure, and recommending corrective measures before requirements become binding obligations.
- Produce compliance reporting on AI controls for internal audit, regulatory examination, and governance committee review, documenting control effectiveness, open findings, and remediation status; support audit readiness activities including evidence collection, control validation, and documentation packages suitable for internal and regulatory stakeholder consumption.
Risk Monitoring, Reporting & Controls Assurance
- Perform ongoing monitoring and validation of deployed AI systems, including review of model performance, drift indicators, bias signals, and continued alignment with approved use scope.
- Identify opportunities to apply AI and automation for continuous improvement of the AI governance program itself including automated risk attribution, KPI tracking, and telemetry-driven evidence.
- Generate AI risk and governance reporting contributing to dashboards, risk posture summaries, and periodic reports for program leadership and cross-functional stakeholders.
- Evaluate effectiveness of cybersecurity controls applied to AI systems (NIST CSF, NIST AI RMF), collaborating with the Cybersecurity organization to integrate governance without duplicating ownership.
- Support vendor and third-party AI risk assessments, ensuring AI components from external providers meet GDMS contractual, regulatory, and governance requirements.
Knowledge, Skills & Abilities
- Collaborates and works effectively cross-functionally throughout the business, including with Legal, Information Technology, Cybersecurity, Security, and Contracts organizations.
- Excellent computer and data management knowledge, including IT Security, Cybersecurity, and cloud infrastructure concepts as they apply to AI system risk.
- Excellent ability to communicate comfortably with senior management, translating complex AI risk and governance topics into clear, decision-ready information.
- Excellent ability to manage a risk profile and design effective mitigation strategies appropriate to AI and agentic system risk scenarios.
- Working knowledge of NIST AI RMF, OMB AI guidance, FAR/DFARS AI requirements, DoD Responsible AI principles, CMMC implications, EU AI Act, GDPR, UK AI Governance Framework, ISO 42001, OECD AI Principles, and emerging state laws (Colorado, California, Virginia, Texas).
- Hands-on familiarity with Microsoft Copilot, Microsoft Purview, OpenAI, Anthropic, Google, and open-source AI ecosystems; awareness of Palantir, Snowflake, Databricks, ServiceNow.
- Understanding of Agentic AI 7-layer operating model, MCP architectures, tool calling, agent-to-agent communications, and human approval gates.
- Excellent analytical, written, and presentation skills; demonstrated ability to produce governance documentation, policy materials, and stakeholder briefings of high quality.
Education and Experience
- Bachelor's degree or equivalent is required, or the combination of education and relevant work experience, plus a minimum of 8 years of relevant experience; or
- Master's degree plus a minimum of 6 years of relevant experience in AI governance, technology risk, cybersecurity GRC, responsible AI, or AI/ML compliance.
- Certifications highly sought include IAPP AI Governance Professional (AIGP), Certified Risk and Information Systems Control (CRISC), Advanced AI Risk (AAIR), ISO 42001.
#LI-Hybrid
This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled.
USD $144,451.00 - USD $152,000.00 /Yr.
General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team!
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
What General Dynamics Mission Systems employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About General Dynamics Mission Systems
Sourced by ZipRecruiter
Industry
Guided missile and space vehicle manufacturing
Company size
10,000+ Employees
Headquarters location
Fairfax, VA, US
Year founded
1952