GRC Analyst

Jobs via Dice is seeking a detail-driven GRC Analyst for a long-term contract in Bethesda, MD. The role involves ensuring compliance with security governance, risk management, and standards like NIST 800-171 and FedRAMP. Responsibilities include monitoring security controls, conducting risk assessments, supporting audits, and collaborating with IT teams. Candidates should have 1-3 years of relevant experience and familiarity with compliance frameworks and tools.
Description

We are looking for a detail-driven GRC Analyst to join our team in Bethesda, Maryland. In this long-term contract role, you will play a vital part in ensuring adherence to security governance, risk management, and compliance standards. Your efforts will support the organization's compliance with frameworks such as NIST 800-171 and FedRAMP while enhancing audit readiness and maintaining secure system operations.

Responsibilities:

Monitor and track the implementation of security controls, ensuring compliance with NIST 800-171 and associated frameworks.

Assist in developing and enforcing security baselines, configurations, and standards in collaboration with IT teams.

Evaluate system changes to ensure alignment with organizational policies and compliance requirements.

Work with technical teams to uphold principles such as least privilege and deny-by-default using tools like Microsoft Entra ID, Intune, and Tanium.

Conduct periodic risk assessments for contracts, software, and privileged account requests.

Support internal audits and readiness reviews by preparing and maintaining documentation related to secure enclave operations.

Enhance and maintain organizational policies, procedures, standards, and audit trails to align with compliance frameworks.

Participate in vendor evaluations, risk assessments, and reviews of control effectiveness.

Ensure timely resolution of findings from audits and compliance assessments.

Requirements

Must be eligible to work in the U.S.

1-3 years of experience in a GRC, cybersecurity, compliance, or audit-related role.

Knowledge of NIST 800-171, FedRAMP, or similar regulatory frameworks.

Familiarity with tools like Microsoft Entra ID (Azure AD), Intune, Tanium, and SharePoint.

Strong understanding of change management, access control, and configuration management processes.

Excellent skills in communication, documentation, and team collaboration.

Ability to interpret technical information and create compliance-focused deliverables.

Certifications such as CompTIA Security+ or other related credentials are a plus.

Technology Doesn't Change the World, People Do.

Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.

Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app and get 1-tap apply, notifications of AI-matched jobs, and much more.

All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.

2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use.