Senior GRC Analyst

Delinea•Redwood City, CA

1d•Remote

About The Position

Delinea’s Cybersecurity organization is seeking a skilled Senior GRC Analyst to play a key role in ensuring Delinea’s alignment and adherence with policies, practice and maintaining the company’s cybersecurity risk management framework across both commercial and regulated public sector environments. This role requires strong cross‑functional partnership to ensure compliance and drive continuous improvement, including alignment with U.S. public sector standards such as FedRAMP and GovRAMP, as well as broader risk‑management and improvement initiatives. This is a remote position based in the U.S. and reports to the Director of Governance, Risk, and Compliance.

Requirements

Bachelor’s degree in computer science, Information Technology, Business Administration, or a related field.
7+ years of experience in a Risk & Compliance role
Led a FedRAMP program for a direct company with high level knowledge of FedRAMP requirements, including:
NIST SP 800-53 Rev. 5 or FedRAMP 20x security controls
FedRAMP Moderate or High Baseline
FedRAMP PMO processes (Readiness Assessment, 3PAO interactions, ATO phases)
Understanding of federal cybersecurity frameworks (NIST 800-37 RMF, FIPS 199/200, etc.)
Experience in creating or maintaining System Security Plans (SSPs), Policies, procedures, and SOPs, Control implementation statements, and POA&M (Plan of Action & Milestones)
Experience supporting SOC 1, SOC 2 and PCI-DSS audits for cloud based services
Strong verbal and written communication, analytical and people skills.

Nice To Haves

Familiarity with Common Criteria concepts, including Security Targets and evaluation artifacts.
Familiarity with Cybersecurity Maturity Model Certification (CMMC)
Cybersecurity certifications (e.g. CISSP, CISA, CRISC, CIPP, etc.).
Familiarity with OneTrust or other GRC tools.
Familiarity with Jira and Confluence

Responsibilities

Enforce cybersecurity Process Risk and Control frameworks that are rationalized against applicable laws and standards.
Lead the FedRAMP Moderate and/or High authorization program and ongoing compliance
-Coordinate with 3PAOs, sponsoring agencies, and internal stakeholders during initial assessment.
-Assist in developing and maintaining FedRAMP-required documentation.
-Coordinate evidence collection for RAR, SAR, and continuous monitoring.
-Track security control implementation with engineering and IT teams.
-Maintain and update the POA&M and remediation timelines.
-Help manage ongoing FedRAMP continuous monitoring activities (e.g., monthly scans, annual assessments).
Perform cybersecurity risk assessments and maturity assessments.
Conduct control readiness assessments to evaluate design, implementation, and effectiveness.
Execute strategy for improving efficiency and ensuring organizational procedure alignment to maintain compliance with industry standards.
Lead continuous control monitoring activities using GRC and compliance automation platforms.
Function as a trusted advisor for business partners on the design and effective operation of controls.

Benefits

We offer competitive salaries, a meaningful bonus program, and excellent benefits, including healthcare insurance, as well as pension/retirement matching, comprehensive life insurance, an employee assistance program, time off plans, and paid company holidays.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume