Role: Senior GRC Specialist (Governance, Risk & Compliance)

Location: Atlanta, GA 30324

Duration: 6-12 months+ contract

Department & Reporting Line:

Information Security GRC; reports to the Manager of GRC.

Position Summary/Purpose:

Lead compliance, risk management, and governance activities; align practices with NIST CSF/800-53, TSA SD 1582/21, and CISA Cybersecurity Performance Goals.

Key Responsibilities:

• Maintain enterprise risk register; lead assessments; manage POA&Ms; support internal/external audits
• Lead policy governance; coordinate third-party risk and contract language alignment
• Support BC/DR reviews; develop KRIs and compliance dashboards for leadership
• Serve as POC during DHS/TSA inspections and questionnaires

Required Qualifications:

Bachelor's in InfoSec/Risk/Business or related; 7+ years in compliance/IT audit/risk; certifications such as CISA/CISM/CRISC; experience with GRC platforms.

Preferred Qualifications:

Transportation/public sector/critical infrastructure; TSA/DHS reporting; C2M2/FAIR; CGEIT/CISSP/ITIL.

Skills/Competencies:

Control design/testing, analytical writing, audit communications, discretion with sensitive information.

Working Conditions & Clearance:

Primarily onsite; extended hours during audits; DHS Public Trust eligibility