Note: The job is a remote job and is open to candidates in USA. Deltek is the intelligent, industry-tuned platform that powers the project lifecycle, and they are seeking a Principal Governance, Risk, & Compliance (GRC) Analyst to join their team. This role involves implementing and maintaining compliance framework controls and assessing security controls within multi-cloud environments to ensure adherence to regulations and standards.
Responsibilities
- Lead and execute audits and assessments related to NIST 800-53, FedRAMP, CMMC, ISO27001, PCI DSS, SOC 1, SOC 2, and other information security regulations
- Must have experience leading audit engagements as a principal auditor, understand requirements for completing internal and external audit engagements
- Lead the gathering, reviewing, assembling, maintaining, and presenting of internal and external audit evidence and related documentation
- Create and maintain compliance documents such as policies, standards, procedures. Prepare metrics and reporting
- Effectively communicate with Deltek technical and business stakeholders through written and verbal communication during the process of evidence collection, validation, testing and presentation of results
- Maintain proficiency with applicable laws, regulations, and standards
- Identify and communicate risk management, control gaps and process inefficiencies to key stakeholders
- Actively participate in initiatives aimed at enhancing Cloud Security Compliance team processes and procedures
- Support internal risk and compliance meetings as a subject matter expert
- Draft and maintain, and mature GRC services as primary or backup service owner (e.g., Policy Management, Risk Management, Customer Security Due Diligence, Business Continuity Planning, etc.)
- Lead efforts and provide support for any activity that helps maintain Deltek’s compliance and security standards
Skills
- US Citizenship is required for this position
- Minimum 3 years of leading implementing and/or assessing: Information technology audit, Information Technology General Controls (ITGC), Information security operations, cloud security and compliance, internal audit function, IT risk management, public accounting firm, or a related field
- B.S. degree (Information Security, Computer Science, MIS, or equivalent program preferred) from an accredited college/university
- Must have experience with ITAR/FedRAMP assessments within technological environments
- Possess, or working toward, baseline security certifications such as CISA/CompTIA/cloud certification for Microsoft Azure/AWS/Google Cloud Platform
- Excellent self-management and work with minimal direction
- Excellent time management skills for handling multiple competing priorities and simultaneous projects
- Excellent business and technical aptitude and problem-solving skills
- Excellent critical thinking, analytical, communication (written and verbal) and interpersonal skills
- Ability to work in a team environment collaboratively and take direction from senior level staff
- Enthusiasm to learn through a combination of structured, on-the-job, and self-directed training
- CCAK/CCSK, CISSP, CISA, or other related information security certification desired
- FedRAMP, NIST 800-171, CSA CCM, CIS Security Framework experience desired
- Experience with software development in a cloud environment desired
Benefits
- Employees have access to healthcare benefits
- A 401(k) plan and company match
- Paid vacation time and holidays
- Well-living programs
- Short-term and long-term disability coverage
- Basic life insurance
- Tuition reimbursement
- Certain roles are eligible for additional rewards, including incentive compensation and equity
Company Overview