Cybersecurity GRC Analyst; SSP​/RMF​/Risk Assessment

We are seeking an experienced Cybersecurity Analyst with a strong background in governance, risk, and compliance (GRC) to support enterprise security and risk management initiatives. This role involves developing and maintaining security documentation, conducting security and risk assessments, and supporting compliance efforts aligned with NIST standards and industry best practices.

The ideal candidate has hands-on experience with security controls, risk analysis, audit support, and working within a GRC framework. Experience with System Security Plans (SSPs), security assessments, and GRC tools such as RSA Archer is highly valued. This position is 100% onsite in Austin, TX.

Job Responsibilities

• Develop, update, and maintain System Security Plans (SSPs) for enterprise applications and infrastructure
• Conduct Security Assessments to validate implementation and effectiveness of security controls
• Lead Risk Assessments, identifying threats, vulnerabilities, likelihood, and impact
• Document risks, mitigation strategies, and remediation plans within a GRC platform (RSA Archer preferred)
• Support Authority to Operate (ATO) processes and continuous monitoring activities
• Ensure compliance with NIST SP 800-53, NIST Risk Management Framework (RMF), and applicable security standards
• Track and manage POA&Ms and remediation efforts
• Prepare audit-ready documentation and compliance reports for leadership
• Collaborate with Information Owners, Custodians, and technical teams to gather control evidence
• Provide guidance on security documentation, assessment processes, and risk management best practices

- 4+ years of experience in cybersecurity, governance, risk, and compliance (GRC), or information assurance

- Hands-on experience developing System Security Plans (SSPs) and conducting Security and Risk Assessments

- Strong knowledge of NIST SP 800-53 and the NIST Risk Management Framework (RMF)

- Experience working with security controls, risk documentation, and remediation tracking (POA&Ms)

- Experience using a GRC platform (RSA Archer preferred)

- Strong technical writing and documentation skills

- Ability to work independently and collaborate with cross-functional teams

- At least one of the following certifications:
Security+, GSEC, CAP, or CISSP

- Must be local to the Austin, TX area and able to work onsite

Equal Opportunity

Employer:

Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.