Job Title: GRC Analyst
Location: Boston, MA (Hybrid)
Duration: 6 Months
A leading public-sector organization is seeking a Governance, Risk, and Compliance (GRC) Analyst to join its cybersecurity team. This role is key to advancing the organization's mission of safeguarding digital systems and information. The GRC Analyst will support the expansion and tracking of security safeguards and compliance across various programs, working closely with the GRC Lead, CISO, and other InfoSec stakeholders.
Analyze laws, regulations, policies, and frameworks such as the NIST Cybersecurity Framework and PCI-DSS
Participate in risk assessments and assist in implementing information security safeguards
Track compliance efforts across multiple regulatory programs (e.g., PCI-DSS, SSA, FMCSA, CJIS, Real ID)
Maintain documentation and status updates for ongoing risk mitigation initiatives
Collaborate across departments to support IT governance and security alignment
2+ years of experience in IT Operations
2+ years of experience in Information Security Risk Management
Excellent verbal and written communication skills
Strong organizational skills and team collaboration
Authorized to work in the U.S. indefinitely
Bachelor’s degree in Cybersecurity, Information Security, or related field
Certifications such as CISSP, CISM, or similar
Prior experience on a GRC team in a large organization
Familiarity with enterprise GRC tools (e.g., Archer, ServiceNow GRC, RSA GRC)