← all jobs

GRC Analyst, Federal Programs

Work from home Full-time role Hiring

Job Description:

  • Serve as a member of Sword's GRC team, contributing to security compliance across all products and services, with primary ownership of federal programs;
  • Define and maintain the CMMC assessment boundary, working across infrastructure, engineering, and business teams to ensure the scope is accurate and defensible;
  • Map NIST SP 800-171 practices to Sword's current environment and produce a clear, evidence-based gap analysis;
  • Translate identified gaps into prioritized remediation tasks with clear ownership, for audiences ranging from DevOps engineers to clinical operations managers;
  • Build and maintain the System Security Plan (SSP), Plan of Action and Milestones (POA&M), and all artifacts required for assessment;
  • Serve as Sword's primary interface with the C3PAO and assessment team during formal CMMC assessments;
  • Drive FedRAMP readiness in parallel, including control documentation, evidence collection, and continuous monitoring;
  • Contribute to audits and compliance activities across other active frameworks, including SOC 2 and HITRUST, as part of Sword's broader GRC program.

Requirements:

  • 5+ years of hands-on experience in GRC, compliance, or security, with at least 3 of those years focused on federal compliance frameworks such as CMMC or FedRAMP;
  • Demonstrated experience owning deliverables and driving remediation through a CMMC, FedRAMP, or equivalent federal compliance effort;
  • Strong working knowledge of CMMC Level 2 practices, scoping methodology, and CUI handling requirements;
  • Ability to produce compliance documentation — SSPs, POA&Ms, gap analyses, control narratives — without heavy supervision;
  • Proven ability to communicate technical compliance requirements to non-technical stakeholders across engineering, operations, and business teams;
  • Experience engaging directly with external auditors and assessors, including evidence packaging and real-time response during assessments;
  • US citizenship required;
  • Ability to obtain a federal Public Trust designation if required by a sponsoring agency.

What we would love to see

• CMMC Certified Professional (CCP) credential, or active pursuit of it;

  • CMMC Certified Assessor (CCA) credential;
  • Hands-on experience with FedRAMP authorization packages, continuous monitoring, and agency ATO processes;
  • Background in defense contracting or regulated health tech environments;
  • Experience working across multiple compliance frameworks simultaneously (HITRUST, SOC 2, ISO 27001);
  • Familiarity with GRC platforms such as Hyperproof, Drata, or Vanta.

Benefits:

  • Comprehensive health, dental and vision insurance*

• Life and AD&D Insurance* • Financial advisory services* • Supplemental Insurance Benefits (Accident, Hospital and Critical Illness)* • Health Savings Account* • Equity shares* • Discretionary PTO plan* • Parental leave* • 401(k)

  • Flexible working hours
  • Remote-first company
  • Paid company holidays
  • Free digital therapist for you and your family

More open positions

Director, Governance, Risk, and Compliance – GRC

Work from home Full-time role

Director, Governance, Risk, and Compliance (GRC)

Work from home Full-time role

GRC Analyst, Federal Programs

Work from home Full-time role

GRC Analyst

Work from home Full-time role

Global intelligence analyst (days/hours tbd)

Work from home Full-time role

Senior AI Engineer

Work from home Full-time role

Remote Data Entry Supervisor – Entry-Level Data Management & Quality Assurance Specialist at careerzynith

Work from home Full-time role

Customer Service Representative – Remote Part‑Time Pool Service Support & Route Optimization Specialist at careerzynith

Work from home Full-time role

Steuerfachkraft (m/w/d) in Gaiberg mindestens 52.000€ - 100% Remote möglich

Work from home Full-time role

[Remote] Business Systems Architect - Level 2 - Essex Management (Contingent Role)

Work from home Full-time role

Corporate Payroll Analyst (100% Virtual/Remote)

Work from home Full-time role

Remote Data Entry Specialist – Accurate Data Management for careerzynith’s Pet‑Industry Operations

Work from home Full-time role

Associate Content Creator

Work from home Full-time role

Exciting FULL TIME Overnight Remote Positions Excel In Nighttime

Work from home Full-time role

Registered Nurse Navigator (Flex)

Work from home Full-time role

[Remote] Solution Account Manager - AI Revenue Management

Work from home Full-time role

Insurance Collector

Work from home Full-time role

Senior AWS/Azure/Google Cloud Platform Cloud Engineer - Fully REMOTE - Must have State experience of 3-5 years

Work from home Full-time role

Experienced Data Entry Clerk - Full Time / Part Time - Remote Opportunity at careerzynith

Work from home Full-time role

Experienced Part-Time Data Entry Associate – Remote Work Opportunity at careerzynith

Work from home Full-time role

Director – Digital Product Security and Operations

Work from home Full-time role