Governance, Risk & Compliance (GRC) Analyst | Information Security | Phoenix AZ Hybrid | Arizona State Agency | Contract to Hire
About the position An Arizona state agency is seeking a GRC (Governance, Risk & Compliance) Analyst to join their Information Security team. You will perform risk assessments, conduct audit reviews, develop POA&Ms, and work cross-functionally with business units to strengthen the agency's security posture.
Responsibilities
- Perform risk assessments and audit reviews; generate findings reports and track outcomes
- Review and manage security audit plans, security plans, and risk documentation
- Investigate suspicious network activity and generate incident reports
- Prepare audit documentation and draft findings per agency writing standards
- Research IT security standards, laws, and regulations to ensure compliance
Requirements
- NIST 800-53 R5
- Risk Management Framework (RMF)
- Windows/Unix experience
- Bachelor's degree
- Local to Phoenix AZ metro (within 1 hour drive) — city and state must be on resume
- Eligible for FTE conversion — no visa sponsorship
- Available for in-person interview within 1 week of June 22
Nice-to-haves
- CISSP, CCSP, GSTRT, GSNA, or CAP certification
- Project management experience
- Knowledge of IRS Pub1075, HIPAA/HITRUST, CJIS, MARS-E frameworks
Apply tot his job Apply To this Job