The Principal Security GRC Analyst serves as the senior individual contributor responsible for governance, risk, and compliance (GRC) coordination and continuous monitoring within a Department of Energy (DOE) cybersecurity program. This position provides interpretation, implementation oversight, and strategic advisory support related to federal cybersecurity requirements, including FISMA, OMB, DHS/CISA, and DOE cybersecurity directives, to system owners, cybersecurity and IT leadership teams, and the organization's Authorizing Official. The Principal Security GRC Analyst also ensures that security controls are appropriately assessed and continuously monitored in accordance with applicable federal standards and guidance issued by NIST, including NIST Special Publication 800-37, 800-53, and others.

Develops and maintains system accreditation documentation, including SSPs, SARs, POA&Ms, and continuous monitoring artifacts, for the organization's general support system, national security system, and major applications, and ensures regular security reviews and updates of those documents in accordance with NIST RMF requirements. Manages the organization's GRC system. Coordinates internal and external assessments and audits. Manages the organization's FedRAMP/non-FedRAMP ATO process and participates in continuous monitoring and compliance meetings for FedRAMP/non-FedRAMP services. Manages the organization's IT-related supply chain risk management (SCRM) functions. Responds to DOE Data Calls.
MINIMUM QUALIFICATIONS: Four years of related work experience (e.g., a hands-on cybersecurity position, cybersecurity assessor/auditor, or cybersecurity consulting related to GRC; experience supporting U.S. Federal cybersecurity programs preferred). U.S. citizen with the ability to obtain a U.S. Government Security Clearance. Strong analytical, documentation, and executive briefing skills.

EDUCATION: Bachelor's degree in a relevant field, or relevant certifications such as CISSP, CISA, CISM, CRISC, or CGRC.