IRS - Automation / GRC Tools Specialist

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, IT, or related field.
• 7+ years of experience with GRC platforms (e.g., ServiceNow GRC, Archer, Xacta, eMASS).
• Strong knowledge of NIST RMF (SP 800-37) and NIST SP 800-53 controls.
• Experience with automation tools, scripting (e.g., Python, PowerShell), and API integrations.
• Familiarity with continuous monitoring, vulnerability management, and compliance reporting.
• Strong analytical, problem-solving, and communication skills.

Responsibilities

• Design, implement, and maintain GRC tools and automation solutions supporting RMF and security control assessments.
• Automate workflows for security documentation (SSP, SAP, SAR, POA&M) and assessment processes.
• Develop dashboards, metrics, and reporting capabilities to track compliance, risk posture, and assessment progress.
• Integrate GRC platforms with enterprise systems (e.g., vulnerability scanners, asset management, ticketing systems).
• Standardize templates, data models, and processes across assessment activities.
• Support continuous monitoring (ISCM/CDM) through automated data collection and analysis.
• Provide technical support for FedRAMP and FISMA reporting and compliance activities.
• Identify opportunities for process improvement and implement automation to reduce manual effort.
• Support audit requests (TIGTA, GAO, OMB) by generating automated reports and evidence.
• Collaborate with cybersecurity SMEs, assessors, and stakeholders to improve tool usage and processes.
• Provide training and guidance to users on GRC tools and automated workflows.