Corporate Governance, Risk and Compliance Analyst

Job not on LinkedIn

🔥 1 minute ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Onebrief

Onebrief

1 - 10 employees

🏢 Enterprise

🏛️ Government

☁️ SaaS

💰 $21M Venture Round on 2022-10

Enterprise • Government • SaaS

Onebrief is a platform that enhances and accelerates decision-making, planning, and collaboration, especially within large organizations and governmental bodies. The platform aims to streamline operations and reduce manual processes by offering real-time collaboration, data visualization, specialized workflows, and creative support tooling. Designed by senior planners, Onebrief serves as a hub for users to build plans and products efficiently, with the platform being noted for significantly improving productivity and adaptability. It is used across various networks, including SIPR and JWICS, and is regarded as a transformative tool for organizations such as the National Security Council and the US Army.

📋 Description

• Own RMF authorizations across Department of War components and FedRAMP High, alongside CMMC 2.0 and SOC 2 compliance for corporate systems • Maintain authorization and audit evidence, including SSPs, SARs, POA&Ms, STIGs, and control mappings • Partner with Engineering, Product, and Security to embed compliance requirements into system design and CI/CD workflows, not bolt them on afterward • Coordinate internal assessments and external audit readiness across all applicable frameworks • Track regulatory and contractual changes and advise leadership on what they mean for Onebrief • Run risk assessments and vendor/supply chain risk reviews across both federal and corporate environments

🎯 Requirements

• U.S. Citizen • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field • 8+ years in cybersecurity compliance • Hands-on expertise with RMF and at least one of CMMC 2.0 or SOC 2 • One or more of the following certifications: CISSP, CISM, CISSO, CPTE, CySA+, FITSP-A, GCSA, CISA, ISSEP, GSLC, or GSNA • Experience with GRC platforms, including automated evidence collection and testing (eMASS experience a plus)

🏖️ Benefits

• Equity: Share in the company's success. • Flexible Work Environment: Remote-first organization with flexible work hours and unlimited PTO. • Comprehensive Health Coverage: Health, dental, vision, and life insurance. • Retirement Plan: 401(k) plan with company match to secure your future. • Parental Leave: 8 weeks at 100% regardless of state. • Company Retreats: Annual company summit trips. • Home Office Budget: $1,000 per year for home office improvements.

Apply Now

Similar Jobs

🔥 48 minutes ago

True Zero Technologies, LLC

11 - 50

🔒 Cybersecurity

🏢 Enterprise

☁️ SaaS

Quality & Compliance Administrator supporting PMO growth and quality management at veteran-owned True Zero Technologies. Focusing on compliance and continuous improvement across government contracts.

🔥 2 hours ago

PrizePicks

201 - 500

🎮 Gaming

⚽ Sports

Senior GRC Analyst at PrizePicks managing governance, risk, and compliance initiatives. Leading cross-department collaboration and regulatory compliance processes in a fast-paced environment.

🔥 6 hours ago

Health Plans, Inc.

201 - 500

⚕️ Healthcare Insurance

💳 Fintech

🤝 B2B

Compliance Coordinator at HPI overseeing compliance inquiries and coordinating various compliance initiatives. Working in a flexible environment with a focus on health insurance solutions.

🔥 10 hours ago

eGRC Data Specialist supporting data migration to a new Governance, Risk and Compliance platform in a cybersecurity firm. Collaborating with stakeholders and Professional Services for high-quality data integration.

🔥 13 hours ago

Blend360

501 - 1000

🤖 Artificial Intelligence

🏢 Enterprise

Director, Global Risk & Compliance leading risk management at AI services provider Blend. Establishing centralized risk management function and engaging with enterprise clients on compliance.