Information Security GRC Analyst 3

United Launch AllianceCentennial, CO
$104,087 - $173,479Onsite

About The Position

At ULA, Information Security GRC Analyst 3 plays a critical role in supporting cybersecurity, assurance, and compliance activities for mission‑focused Aerospace and Defense programs. This role ensures the organization maintains compliance with multiple U.S. government and commercial cybersecurity frameworks—such as CNSSI 1253, NIST SP 800‑171, NIST SP 800‑172, and ISO/IEC 27001:2022—while enabling secure, resilient, and efficient operations across unclassified environments. This mid‑career position is ideal for an analytical, detail‑oriented professional with a solid grounding in risk management, cybersecurity controls, and compliance operations who is ready to take ownership of significant program responsibilities.

Requirements

  • Bachelor's degree in a STEM (Science, Technology, Engineering, Mathematics) field from an accredited college or university
  • Four years of directly related exempt work experience may be used to satisfy the bachelor’s degree requirement
  • Working knowledge of at least two of the following frameworks: CNSSI 1253, NIST SP 800‑53, NIST SP 800‑171/172, ISO/IEC 27001:2022
  • Experience supporting compliance in regulated or defense‑aligned environments (DoD, IC, A&D contractors, or similar)
  • Strong analytical, documentation, and communication skills

Nice To Haves

  • Experience with Risk Management Framework (RMF) authorization packages or audits
  • Understanding of Zero Trust principles and enhanced cybersecurity requirements under 800‑172
  • Professional certifications such as Security+, CySA+, CISM, CISSP, CCP, or CCA preferred
  • Experience working with cross‑functional engineering, IT, and programming teams in high‑security environments
  • Prior experience with DFARS/CMMC compliance preferred

Responsibilities

  • Support governance, risk, and compliance activities across unclassified A&D programs.
  • Translate framework requirements (CNSSI 1253, NIST 800‑171/172, ISO 27001:2022) into actionable technical and procedural controls.
  • Assist with developing, maintaining, and improving System Security Plans (SSPs), POA&Ms, risk registers, and related artifacts.
  • Participate in system categorization, control inheritance, and continuous monitoring activities for information systems and enclaves.
  • Conduct risk assessments, document findings, and work with engineering and operations teams to define mitigation strategies.
  • Support internal and external audits, customer assessments, and inspection readiness activities.
  • Contribute to policy and procedure development and ensure alignment to regulatory, contractual, and corporate requirements.
  • Monitor changes in U.S. government cybersecurity policy, DoD directives, and commercial standards; assess impact to internal environments.
  • Assist with incident response processes from a compliance and documentation perspective.
  • Provide GRC guidance to project teams and stakeholders while maintaining a strong customer‑service orientation.

Benefits

  • 401(k) match plus an additional employer contribution
  • Discretionary annual incentive bonus for eligible employees
  • Generous paid time off
  • Flexible work environments
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service