All roles

Open role

GRC Analyst, Federal Programs

Remote · United Arab Emirates Full-time

Job Description:

  • Serve as a member of Sword's GRC team, contributing to security compliance across all products and services, with primary ownership of federal programs;
  • Define and maintain the CMMC assessment boundary, working across infrastructure, engineering, and business teams to ensure the scope is accurate and defensible;
  • Map NIST SP 800-171 practices to Sword's current environment and produce a clear, evidence-based gap analysis;
  • Translate identified gaps into prioritized remediation tasks with clear ownership, for audiences ranging from DevOps engineers to clinical operations managers;
  • Build and maintain the System Security Plan (SSP), Plan of Action and Milestones (POA&M), and all artifacts required for assessment;
  • Serve as Sword's primary interface with the C3PAO and assessment team during formal CMMC assessments;
  • Drive FedRAMP readiness in parallel, including control documentation, evidence collection, and continuous monitoring;
  • Contribute to audits and compliance activities across other active frameworks, including SOC 2 and HITRUST, as part of Sword's broader GRC program.

Requirements:

  • 5+ years of hands-on experience in GRC, compliance, or security, with at least 3 of those years focused on federal compliance frameworks such as CMMC or FedRAMP;
  • Demonstrated experience owning deliverables and driving remediation through a CMMC, FedRAMP, or equivalent federal compliance effort;
  • Strong working knowledge of CMMC Level 2 practices, scoping methodology, and CUI handling requirements;
  • Ability to produce compliance documentation — SSPs, POA&Ms, gap analyses, control narratives — without heavy supervision;
  • Proven ability to communicate technical compliance requirements to non-technical stakeholders across engineering, operations, and business teams;
  • Experience engaging directly with external auditors and assessors, including evidence packaging and real-time response during assessments;
  • US citizenship required;
  • Ability to obtain a federal Public Trust designation if required by a sponsoring agency.

What we would love to see

• CMMC Certified Professional (CCP) credential, or active pursuit of it;

  • CMMC Certified Assessor (CCA) credential;
  • Hands-on experience with FedRAMP authorization packages, continuous monitoring, and agency ATO processes;
  • Background in defense contracting or regulated health tech environments;
  • Experience working across multiple compliance frameworks simultaneously (HITRUST, SOC 2, ISO 27001);
  • Familiarity with GRC platforms such as Hyperproof, Drata, or Vanta.

Benefits:

  • Comprehensive health, dental and vision insurance*

• Life and AD&D Insurance* • Financial advisory services* • Supplemental Insurance Benefits (Accident, Hospital and Critical Illness)* • Health Savings Account* • Equity shares* • Discretionary PTO plan* • Parental leave* • 401(k)

  • Flexible working hours
  • Remote-first company
  • Paid company holidays
  • Free digital therapist for you and your family

More open positions

Director, Governance, Risk, and Compliance – GRC

Work from home Full-time role

Director, Governance, Risk, and Compliance (GRC)

Work from home Full-time role

GRC Analyst, Federal Programs

Work from home Full-time role

GRC Analyst

Work from home Full-time role

Global intelligence analyst (days/hours tbd)

Work from home Full-time role

Business Intelligence Analyst - Strategic Partnerships

Work from home Full-time role

Inside Sales Contractor

Work from home Full-time role

Overnight Customer Support Representative – Work From Home

Work from home Full-time role

Financial Consultant, Personal Lines FP&A - Remote

Work from home Full-time role

Analista de Operações Financeiras

Work from home Full-time role

Remote Customer Service Representative – Home‑Based Support Specialist for careerzynith Global E‑Commerce Operations

Work from home Full-time role

Director, Partner Solutions, Payward Services

Work from home Full-time role

Medical Audit Coordinator

Work from home Full-time role

[Remote] Senior Talent Partner, Engineering Recruiting

Work from home Full-time role

Director of Career Services

Work from home Full-time role

Night & Weekend Email, Chat, and Phone Customer Experience Specialist – Live Events Enthusiast at careerzynith

Work from home Full-time role

Triage Licensed Practical Nurse, LPN

Work from home Full-time role

[Remote] Sales Enablement Manager, Account Management

Work from home Full-time role

AI Prompts Engineer (Hybrid role-only on W2)-Locals to St. Petersburg, FL.

Work from home Full-time role

Senior Labor Relations Business Partner - Northeast

Work from home Full-time role

Technical Support Engineer - EMEA

Work from home Full-time role