Job Requirements
Brooklyn Heights, NY
Public Trust Polygraph Unspecified
Career Level not specified
Salary not specified
Job Description
***This position is contingent upon award ***
Responsibilities:
- Evaluate enterprise systems, networks, and applications to identify vulnerabilities, assess risks, and ensure compliance
- Interpret federal mandates (NIST SP 800-53/37), evaluate controls, and conduct Security Impact Analyses
- Manage Plan of Action and Milestones (POA&M) documentation
- Conduct security and compliance assessments for internal systems and third-party vendors
- Analyze assessment results, document findings, and support remediation efforts
- Use industry-standard GRC and risk tools for documentation and workflow
- Maintain assessment documentation and contribute to security posture reporting
- Perform daily RMF (Risk Management Framework) lifecycle control assessments
Location: Hybrid - 3 days onsite Brooklyn, NY, 2 days remote
Requirements
Applicant must be a U.S. citizen residing in the U.S.
This position requires obtaining a clearance through the Department of Education. Applicants must be willing to undergo a background check as part of the hiring process.
Education: Bachelor's degree from an accredited university or 5-7 years of relevant experience.
Experience: 5+ years in GRC methodologies, security control auditing, third-party risk assessments
Certifications: (candidates MUST HAVE obtained at least one)
- CISA (Certified Information Systems Auditor)
- CRISC
- CGEIT
- CISSP
- CompTIA Security+
- CCSK (Certificate of Cloud Security Knowledge)
- CAP/ISC2 CGRC
Technical Skills:
- GRC platforms (Archer/ServiceNow)
- Third-party risk tools (OneTrust/Prevalent)
- MS Excel (Advanced)
- MS Power BI
- MS Visio
- JIRA
- Microsoft Office Suite
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Training & Development