Company hidden
updated 23 hours ago

GRC Analyst (Public Sector)

95 000 - 115 000$
Work format
remote (USA only)
Employment type
fulltime
Grade
middle
English
b2
Country
US

Job description

TL;DR

GRC Analyst (Public Sector): Managing governance, risk, and compliance operations for the public sector business, with an emphasis on FedRAMP/GovRAMP frameworks and continuous monitoring. Focus on automating compliance workflows, managing vulnerability remediation, and ensuring audit readiness for high-stakes government identity infrastructure.

Location: Must be a U.S. Person (Citizen or Permanent Resident) residing in the United States

Salary: $95,000 – $115,000

Company

hirify.global is building the identity trust infrastructure for the digital economy, verifying identities in real time to prevent fraud.

What you will do

  • Coordinate external 3PAO assessments and manage evidence collection for FedRAMP and GovRAMP certifications.
  • Lead continuous monitoring processes, including vulnerability management and remediation across engineering and DevOps teams.
  • Maintain and update System Security Plans (SSP) and documentation aligned with NIST 800-53 standards.
  • Design and implement AI-enabled compliance workflows to automate evidence generation and reporting.
  • Oversee access controls, including least privilege reviews and quarterly access certifications.
  • Serve as a security subject matter expert for public sector sales, RFP responses, and customer integration discussions.

Requirements

  • Must be a U.S. Person (U.S. Citizen or Permanent Resident) residing in the United States.
  • Must be able to obtain a U.S. OPM NACI clearance.
  • 5+ years of cybersecurity or identity management experience, with at least 1 year in the public sector.
  • Direct experience with FedRAMP, GovRAMP, and NIST frameworks (800-53, 800-63, 800-171).
  • Proven ability to manage continuous monitoring, vulnerability remediation, and compliance reporting.
  • Experience using AI tools and machine-readable formats like OSCAL to automate compliance processes.

Nice to have

  • Professional certifications such as CISSP, CISM, CISA, or IAPP.
  • Experience in regulated industries like financial services or healthcare.
  • Knowledge of privacy frameworks including GDPR and CCPA.

Culture & Benefits

  • Market competitive salary and equity packages.
  • Comprehensive benefits and discretionary performance bonuses.
  • Opportunity to shape GRC strategy in a fast-growing public sector business.
  • Collaborative environment working across Security, Engineering, IT, and Legal teams.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support.