logo inner

Senior Security Analyst

GranicusOnsite
This job is no longer open

The Company 


Serving the People Who Serve the People 


Granicus is driven by the excitement of building, implementing, and maintaining technology that is transforming the Govtech industry by bringing governments and its constituents together. We are on a mission to support our customers with meeting the needs of their communities and implementing our technology in ways that are equitable and inclusive. Granicus has consistently appeared on the GovTech 100 list over the past 5 years and has been recognized as the best companies to work on BuiltIn.  Over the last 25 years, we have served 5,500 federal, state, and local government agencies and more than 300 million citizen subscribers power an unmatched Subscriber Network that use our digital solutions to make the world a better place.

With comprehensive cloud-based solutions for communications, government website design, meeting and agenda management software, records management, and digital services, Granicus empowers stronger relationships between government and residents across the U.S., U.K., Australia, New Zealand, and Canada. By simplifying interactions with residents, while disseminating critical information, Granicus brings governments closer to the people they serve—driving meaningful change for communities around the globe. Want to know more? See more of what we do here.  Granicus needs a Senior Security Analyst for our growing FedRAMP & GRC compliance program.  This is a pivotal role that will act as a leader and SME for FedRAMP, NIST RMF, and related compliance programs.

You will manage the monthly ConMon process and submissions, including POA&Ms and DRs. You will also manage annual and SCR-based audits.To be successful in this position you will need to be an expert in FedRAMP, NIST, and compliance, able to work with internal technical and non-technical teams, auditors, and the FedRAMP JAB. It is crucial that you have experience with FedRAMP, including the authoring and maintenance of FedRAMP-related CSP-based deliverables, and the security and their compliance of SaaS solutions ideally in the role of cloud service provider.

What your impact will look like here


  • Primarily, this role will work alongside GRC leadership to support and delivery Granicus’ existing and successful FedRAMP program (JAB Authorization), which includes, but is not limited, to the following
  • Lead, either individually or in partnership with GRC leadership, annual compliance audit components, including interaction with 3PAO.
  • Take ownership and curate, as necessary, System Security Plan and any other documentation and policies.
  • Stay apprised of any potential or upcoming changes to FedRAMP elements (e.g., NIST rev5) and ensure any work needed to comply is included in roadmap planning.
  • Lead elements of Continuous Monitoring (ConMon) process, including governance of POA&Ms, preparation of communication and evidence for the JAB, and all follow-up JAB interaction.
  • Act as point of contact with Joint Authorization Board as necessary, including any informal or ad-hoc engagement (e.g., discuss potential technology changes).  This role act as a trusted partner to JAB personnel, building on the positive, multi-year relationship Granicus has cultivated with the JAB.
  • Work with technical teams to structure Significant Change Requests
  • As a senior member of the team, this role will also have the opportunity and will be called upon to support other GRC related efforts, which may include –
  • Assisting with other certifications that Granicus maintains (e.g., ISO 27001)
  • Policy rationalization and optimization to accommodate global operating model and varied compliance and regulatory obligations.
  • Supporting Enterprise Risk Management Program
  • Helping to integrate newly acquired companies into Granicus processes

You will love this job if you have


  • Proven problem solving and analytical abilities, and can intake, assess and normalize, and present large amounts of complicated data.
  • Ability to communicate in a clear, concise, and comprehensive manner, with internal and external stakeholders, including Granicus senior leaders and external compliance/regulatory personnel.
  • Collaborative mindset, acting as an enabler of the business’ compliance/security goals and partner to technology teams to aid with risk reduction efforts, rather than an auditor-like approach to simply identify and track deficiencies.
  • Strong, cross-discipline technical, security, and compliance background, with ability to have moderately deep conversations with technology teams.
  • 3+ years of experience meaningfully supporting and leading elements of a FedRAMP program, including ongoing maintenance of all required processes, policies, or other documentation
  • Deep familiarity with cyber security control frameworks, particularly NIST CSF and NIST 800-53
  • 10+ years of Cyber Security experience, with 5+ of these years being in the Governance, Risk, and Compliance space.
  • Bachelors and/or master’s degree in Computer Science, Cyber Security, Information Technology, Risk Management, or related field.

$110,000 - $140,000 a yearSalary will vary based on relevant experience, certifications and education credentials in relationship to the position's requirements, and candidate alignment with internal equity.Security and Privacy Requirements1. Responsible for Granicus information security by appropriately preserving the Confidentiality, Integrity, and Availability (CIA) of Granicus information assets in accordance with the company's information security program.2. Responsible for ensuring the data privacy of our employees and customers, their data, as well as taking all required privacy training in a timely manner, in accordance with company policies. Don’t have all the skills/experience mentioned above? At Granicus, we are trying to build diverse, inclusive teams.

We do not have degree requirements for most of our roles. If you don’t meet every requirement above but are excited to learn more, we encourage you to apply. We might just be able to find another role that could be a perfect fit! The Team- We are a remote-first company with a globally distributed workforce across the United States, Canada, United Kingdom, India, Armenia, Australia, and New Zealand.The Culture- At Granicus, we are building a transparent, inclusive, and safe space for everyone who wants to be a part of our journey. - A few culture highlights include – Employee Resource Groups to encourage diverse voices- Coffee with Mark sessions – Our employees get to interact with our CEO on very important and sometimes difficult issues ranging from mental health to work-life balance and current affairs. - Microsoft Teams communities focused on wellness, art, furbabies, family, parenting, and more.-=- - We bring in special guests from time to time to discuss issues that impact our employee population The Impact- We are proud to serve dynamic organizations around the globe that use our digital solutions to make the world a better place — quite literally. We have so many powerful success stories that illustrate how our solutions are impacting the world. See more of our impact here.

The Benefits


At Granicus, we offer a competitive benefits package that allows employees to tailor benefits to their needs. Benefits listed below are for employees based in the U.S.- Flexible Time Off- Medical (includes an option that is paid 100% by Granicus!), Dental & Vision Insurance- 401(k) plan with matching contribution- Paid Parental Leave- Employer-paid Short and Long Term Disability Insurance, Group Term Life Insurance and AD&D Insurance- Group legal coverage - And more!Granicus is committed to providing equal employment opportunities.

All qualified applicants and employees will be considered for employment and advancement without regard to race, color, religion, creed, national origin, ancestry, sex, gender, gender identity, gender expression, physical or mental disability, age, genetic information, sexual or affectional orientation, marital status, status with regard to public assistance, familial status, military or veteran status or any other status protected by applicable law.Apply for this job

This job is no longer open

Life at Granicus

Granicus provides technology that empowers government organizations to create better lives for the people they serve. By offering the industry's leading cloud-based solutions for communications, meeting and agenda management, and digital services to over 4,000 public sector organizations, Granicus helps turn government missions into quantifiable realities. Granicus products connect over 150 million people, creating a powerful network to enhance citizen engagement. By optimizing decision-making processes, Granicus strives to help government see better outcomes and a greater impact for the citizens they serve.
Thrive Here & What We Value1. Inclusive work environment valuing diverse voices (#1)2. Transparent communication on employee issues (#2)3. Safe space for sensitive discussions (#3)4. Coffee sessions with CEO Mark Sessions (#4)5. Building strong government-citizen relationships (#5)6. Simplifying critical information dissemination (#6)7. Empowering agencies with digital solutions (#7)8. Serving over 5,500 governments worldwide (#8)9. Collaborative work environment fostering innovation (#1)10. Emphasizing individual initiative and teamwork (#2)11. Opportunities for personal development (#3)12. Encouragement of work-life balance (#4)13. Driving positive community change through technology (#5)14. Recognition as a top company to work for (#6)15. Equitable and inclusive tech deployment (#7)16. Passionate public service, citizen engagement (#8)17. Commitment to customer experience excellence (#1)18. Collaborative partnerships advancing customer-centric initiatives (#2)19. Building trust and fostering collaboration within the organization (#3)20. Equitable, inclusive solutions meeting community needs (#4)
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Copyright © 2024