Staff GRC Analyst (R3666)
Shield AI
What you'll do:
- Lead audit preparation, execution, and remediation efforts for certifications such as CMMC, ISO 27001, and other industry-aligned standards.
- Develop and maintain security compliance collateral, including policies, whitepapers, and standardized RFI/RFP responses.
- Collaborate with cross-functional teams (Security, IT, Legal, Engineering) to implement and track control requirements.
- Monitor regulatory obligations and maintain audit readiness through continuous assessment and documentation.
- Support customer trust efforts by aligning compliance initiatives with business growth and contractual requirements.
Required qualifications:
- 5+ years of experience in GRC, compliance, or information security roles, with a focus on both commercial and government customer requirements.
- Proven track record of leading audit readiness and certification efforts for frameworks such as CMMC, ISO 27001, NIST 800-53, or similar.
- Strong understanding of regulatory and contractual obligations in both federal and enterprise environments.
- Exceptional communication and documentation skills, with experience developing customer-facing compliance materials.
- Ability to work independently, influence cross-functional teams, and prioritize in a fast-paced, high-growth environment.
Preferred qualifications:
- Experience leading security and compliance programs in defense, aerospace, or other highly regulated environments.
- Deep familiarity with CMMC and ISO 27001 frameworks, along with related government or industry requirements.
- Proven ability to independently interface with customers, address security inquiries, and represent the company’s posture with confidence.
- Industry certifications such as CISSP, CISM, CISA, CRISC, or Certified CMMC Professional (CCP).
- Strong influence skills—able to drive cross-functional results, overcome resistance, and align stakeholders toward compliance goals.