HHS - GRC Analyst jobs in United States

cFocus Software Incorporated · 1 day ago

HHS - GRC Analyst

cFocus Software Incorporated is seeking a GRC Analyst to support the Department of Health and Human Services (HHS). The role involves serving as a subject matter expert for the HRSA eGRC solution, ensuring compliance, supporting user training, and enhancing eGRC capabilities.

Chatbot, Government, Information Technology, Software
Growth Opportunities
No H1B
Security Clearance Required

Responsibilities

Serve as the primary SME for the HRSA eGRC solution, supporting all tool functionality
Create, configure, and maintain records for FISMA systems, applications, and components
Monitor eGRC data to ensure completeness, accuracy, and compliance with HRSA requirements
Provision new user accounts, manage permissions, and enforce role-based access controls
Provide training, guidance, and day-to-day user support for federal and contractor users
Troubleshoot system issues and restore tool functionality in coordination with vendors and HRSA IT
Develop and implement enhancements to eGRC capabilities, including:
Automated POA&M tracking
Integration with vulnerability management and security tools
OSCAL import/export functionality
Continuous monitoring dashboards
AI-assisted control mapping and analysis
Develop analytics and reporting capabilities to identify trends, predict authorization risks, and support risk-based decision making
Support configuration management, patching, and upgrades of the eGRC platform in accordance with HHS and vendor standards
Follow HRSA change management processes, including preparation of technical implementation plans
Maintain an SLA of responding to change requests and tickets within two (2) business days
Support contingency planning, continuity of operations, and participation in contingency tests
Coordinate with HRSA Hosting, Network Operations, ISSOs, and RMF teams to support tool integrations and operational requirements
Develop dashboards, metrics, and reports supporting CPIC, RMF, and executive reporting
Support audits, assessments, and data calls by providing accurate system and risk data
Collaborate with ISSOs, Risk Analysts, and Program Management staff to ensure alignment between system documentation and eGRC records
Document SOPs, workflows, and user guides for eGRC operations and enhancements

Qualification

eGRC platforms, FISMA, NIST SP 800-53, Cybersecurity, Analytical skills, OSCAL, Automation, System integrations, Problem-solving skills, Documentation skills

Required

Bachelor's degree in Information Technology, Cybersecurity, or related discipline
Minimum 5 years of experience supporting federal GRC or RMF programs
Hands-on experience administering eGRC platforms (e.g., RSA Archer)
Strong knowledge of FISMA, RMF, NIST SP 800-37, and NIST SP 800-53
Strong analytical, problem-solving, and documentation skills

Preferred

Experience with OSCAL, automation, and system integrations preferred

Company

cFocus Software Incorporated

cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.

Funding

Current Stage
Early Stage

Leadership Team

Manisha Griesinger, MPH, MSc
Program Manager | U.S. EPA Office of the Chief Financial Officer
Company data provided by crunchbase