GRC Specialist (governance, risk and compliance) Job at NEFCO, East Hartford, CT

  • NEFCO
  • East Hartford, CT

Job Description

Summary: We are seeking a proactive, detail-oriented, and collaborative GRC (Governance, Risk, and Compliance) Specialist to join our cybersecurity team. This role plays a critical part in ensuring that our organization maintains strong compliance with evolving federal and state regulations while continuously improving our internal security policies, risk posture, and audit readiness.

Key Responsibilities

Governance, Risk, and Compliance

  • Monitor, interpret, and track cybersecurity regulations at both the federal and state levels to assess impact on business operations.
  • Develop, update, and maintain cybersecurity policies and procedures that align with industry standards (e.g., NIST CSF, ISO 27001, CIS Controls, CMMC).
  • Collaborate across departments to ensure policies are implemented and understood throughout the organization.
  • Conduct internal audits and control assessments to evaluate effectiveness and adherence to policies.
  • Create and maintain a risk register, help identify and assess risks, assign ownership, and track mitigation efforts.
  • Support business impact assessments and assist in maintaining business continuity strategies.

Training & Awareness

  • Assist in designing and delivering cybersecurity training and awareness programs.
  • Track training metrics and ensure organization-wide compliance with awareness initiatives.

Frameworks & Certifications

  • Provide support in preparing for security certifications (e.g., SOC 2, ISO 27001, CMMC).
  • Coordinate with external auditors or assessors, gather evidence, and support audit processes.

Incident Response Compliance

  • Ensure incident response policies align with regulatory requirements.
  • Support post-incident reviews with a focus on documentation and lessons learned.

Third-Party & Vendor Risk

  • Coordinate third-party risk assessments to ensure vendors meet security and data protection standards.
  • Track compliance of vendors and service providers against contractual and regulatory obligations.

Metrics & Reporting

  • Develop and maintain dashboards or reports that measure compliance status, audit results, and risk posture.
  • Present findings and trends to the cybersecurity supervisor/director on a regular basis.

Requirements

  • Bachelor's degree in information technology, cybersecurity, or a related field, or equivalent relevant experience
  • 3+ years of experience in cybersecurity GRC, compliance, or related fields
  • Working knowledge of major security standards (NIST, ISO 27001, CIS, etc.)
  • Strong understanding of U.S. federal and state cybersecurity laws and data protection regulations
  • Experience writing and managing cybersecurity policies and procedures
  • Ability to conduct risk assessments and audits, and to support certification efforts
  • Familiarity with GRC tools and platforms (e.g., OneTrust, Archer, ServiceNow GRC)
  • Excellent verbal and written communication skills; able to communicate with technical and non-technical stakeholders
  • Strong organizational, time management, and project coordination skills

Preferred Qualifications (Nice To Have)

  • Relevant certifications: Security+, CGRC, CISA, CRISC, or similar
  • Experience supporting SOC 2, ISO 27001, FedRAMP, ITAR or CMMC certification processes
  • Background in security awareness training or program development
