Programmer - GRC Administrator and Developer

About The Position

Requirements

• 2 -3+ years:
• Python programming (primary requirement)
• Database design expertise
• 1 -2+ years:
• API integration and automation experience
• Agile methodology experience
• Risk Management knowledge
• GRC tool familiarity (preferred)
• Python programming experience
• Experience developing automation scripts and API integrations (RESTful APIs)
• General knowledge of database design
• Basic programming skills in Java or C#
• Familiarity with DevOps practices and Risk Management concepts
• Experience with Agile methodology (e.g., sprints)
• Strong troubleshooting and problem -solving skills
• Excellent communication and collaboration abilities

Nice To Haves

• Experience with automated testing
• Knowledge of any GRC tool (Navex IRM experience is a plus)
• Understanding of governance, risk, and compliance frameworks
• Experience with security frameworks such as CJIS, IRS 1075, PCI, ARC -AMPE

Responsibilities

• Serve as the primary administrator and developer for the State of Michigan’s GRC tool (Navex IRM).
• Collaborate closely with stakeholders to understand security and compliance requirements and design tailored automation solutions.
• Lead automation initiatives for security accreditation processes, including evidence collection, workflow routing, and control reviews to reduce manual effort.
• Design and implement unified security controls frameworks aligned with State of Michigan
• Standards and integrate CJIS v6.0, IRS 1075, PCI (SAQ A, SAQ A -EP), and ARC -AMPE standards.
• Develop and maintain Python API modules and automation scripts to import and update compliance controls, integrate CMDB, vulnerability data, and audit evidence for continuous monitoring.
• Work cross -functionally with IT, security, and business teams to ingest structured data (JSON, CSV) into the GRC tool and maintain centralized Azure Repos for source control and documentation.
• Integrate with RESTful APIs to automate data imports, exports, and reporting in JSON and CSV formats.
• Troubleshoot issues, identify solutions, and ensure timely resolution.
• Maintain and update system and project documentation (Azure repositories, SharePoint).
• Communicate with Navex IRM regarding software issues, maintenance, and upgrades.
• Analyze GRC issues/incidents to identify root causes and work with vendor support to implement solutions.
• Participate in development activities, including testing, implementation, and documentation.
• Perform other duties as assigned.

Benefits

• We understand a comprehensive benefits package is crucial to employment satisfaction. We offer medical, dental and vision coverage options for all employees.