Overview
On Site
USD 40,001.00 - 80,000.00 per year
Full Time
Skills
Risk Analysis
Information System Security
System Security
Security Analysis
NIST SP 800 Series
Network
FISMA
Risk Management Framework
RMF
Risk Assessment
Impact Analysis
Security Controls
Continuous Monitoring
SAP GRC
eMASS
EMC RSA Archer
Auditing
Documentation
Communication
Information Systems
Cyber Security
IT Governance
Microsoft Office
Microsoft Excel
Microsoft PowerPoint
Attention To Detail
Analytical Skill
Security+
ITIL
FedRAMP
Cloud Computing
Regulatory Compliance
Privacy
OWASP
Change Management
Document Management
Security Clearance
Information Technology
Systems Engineering
FOCUS
Job Details
Job ID: 2507116
Location: WASHINGTON, DC, US
Date Posted: 2025-06-30
Category: Cyber
Subcategory: Cyber GRC
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: None
Clearance Level Must Be Able to Obtain: Public Trust
Potential for Remote Work: Yes
Description
SAIC is seeking a Cyber Governance, Risk, and Compliance (GRC) Analyst associate to support a U.S. government agency in Washington, DC. This hybrid role requires three days onsite per week and offers a strong foundation for candidates beginning their career in cybersecurity compliance, risk analysis, and IT governance.
The Cyber GRC Associate will work alongside senior cybersecurity professionals and Information System Security & Privacy Officers (ISSPOs) to support the implementation of the NIST Risk Management Framework (RMF), FISMA compliance, and other federal security policies. The role involves assisting with documentation, security assessments, continuous monitoring, and risk tracking across cloud and on-premises systems.
Core Responsibilities & Qualifications:
Assist in preparing and maintaining key security artifacts, including System Security Plans (SSPs), Security Assessment Reports (SARs), and POA&Ms.
Support development of security control implementation statements based on NIST SP 800-53.
Help document system boundaries, network diagrams, and technical narratives following changes or assessments.
Familiarity with FISMA, RMF, and federal cybersecurity compliance frameworks.
Participate in risk assessments for IT systems and applications, identifying control gaps and recommending mitigation strategies.
Assist with Security Impact Analyses (SIAs) related to configuration or operational changes.
Contribute to analysis and tracking of control deficiencies, exceptions, and waiver requests.
Help validate ongoing security control effectiveness by collecting and reviewing evidence as part of Continuous Monitoring activities.
Support audit readiness efforts, third-party assessments or internal reviews.
Exposure to GRC tools (e.g., CSAM, eMASS, Archer) or audit documentation tracking systems is a plus.
Coordinate with infrastructure, cloud, and application teams to support secure configurations and remediation tracking.
Assist in documenting and analyzing security incidents, including initial impact assessment and recommended response actions.
Strong written and verbal communication skills, with the ability to interpret and document technical information clearly.
Qualifications
Education & Experience:
Bachelor's degree in Cybersecurity, Information Systems, or related field.
0-2 years of experience in cybersecurity, compliance, or IT governance (internships or academic project work acceptable).
Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint, SharePoint).
Strong attention to detail, analytical skills, and ability to learn in a fast-paced environment.
Preferred Qualifications:
Entry-level certification (e.g., Security+, ITIL Foundation, CAP).
Familiarity with FedRAMP, cloud compliance, or privacy requirements.
Awareness of frameworks such as OWASP Top 10 or MITRE ATT&CK.
Prior exposure to configuration/change management or documentation control processes.
Clearance Requirement:
Must be eligible to obtain and maintain a U.S. Public Trust clearance.
This is a hybrid position requiring three on-site days per week in Washington, DC.
Target salary range: $40,001 - $80,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.