Job Description:
• Support drafting and formatting of SSP/KSI artifacts, policies, and plans
• Collect and organize evidence; maintain traceability in RegScale
• Maintain trackers for actions, evidence requests, and POA&Ms
• Help compile monthly/quarterly ConMon reporting inputs
Requirements:
• 1–3 years of experience in GRC, audit support, compliance operations, or security documentation
• Strong written communication and attention to detail (templates, tables, and structured documents)
• Basic familiarity with NIST 800-53 concepts or willingness to learn quickly
• Comfort working with spreadsheets and tracking artifacts across multiple stakeholders
• Reliable follow-through and responsiveness in a fast-moving delivery environment
• Nice to have: Associate's degree in IT, Cybersecurity, or related field
• Nice to have: Any FedRAMP exposure (coursework, prior engagement support, or template familiarity)
• Nice to have: Experience with GRC tools (RegScale, ServiceNow GRC, Archer) and/or ticketing systems
• Nice to have: Security+ or similar entry-level security certification
Benefits:
• Remote-first; minimal travel expected
• No clearance required; must be able to pass a standard background check and sign NDA/SOW