Overview Security Governance Risk & Compliance (GRC) Analyst – Washington, DC - Remote About Virtru: Virtru is a leading data protection provider backed by venture capital firms in Silicon Valley and the Mid-Atlantic. Virtru enables granular data control across platforms with end-to-end encryption for Google, Microsoft, and other data sharing platforms, built on the Trusted Data Format (TDF) standard. Our motto is "Respect the people. Respect the data." We strive to create an atmosphere that sparks creativity, connection, and professional growth while empowering each other to do our best work. Compensation: $130,000-$180,000/year At Virtru you’ll contribute to building a cutting-edge security compliance program aligned with FedRAMP, SOC 2, PCI, HIPAA, GDPR, and other frameworks, while working with tools like Kubernetes, GCP, AWS, and Terraform. We value input from everyone on our team and offer challenging scaling/optimization work to ensure secure and performant services. As a GRC Analyst, you will be the primary point of contact for compliance inquiries and lead efforts to achieve and maintain CMMC compliance, conducting gap analyses and roadmap development, while supporting existing FedRAMP, SOC 2, and PCI DSS programs. Get in touch if you are excited to grow Virtru’s security compliance program. Responsibilities Manage and implement complex controls frameworks for large systems (Cloud infrastructure and SaaS services like GCP, AWS, GitHub, Okta, etc.). Design and develop automation solutions for evidence collection across Cloud infrastructure, endpoints, and SaaS. Conduct risk assessments across business units and processes; identify findings and recommend remediation and mitigation strategies. Assist or implement automated controls to support risk mitigation across business units with stakeholders. Incorporate CMMC certification into Virtru’s compliance assessments and monitoring (FedRAMP, SOC 2, PCI). Facilitate third-party vendor onboarding and annual reviews by evaluating current and prospective partners’ security. Participate in incident response activities, providing risk analysis and remediation support as needed. Enhance the team with individual initiative and a love of learning. Skills that will help you thrive Minimum of 5+ years of information security, IT audit and/or IT Risk Management, or GRC experience. Deep understanding of CMMC, NIST 800-53 & 800-171, FedRAMP, SOC 2, PCI, and/or other global privacy frameworks. Technical acumen with cloud technologies (AWS, GCP, Azure) and familiarity with GRC tools (Hyperproof, Vanta, Drata) and SIEM tools (Datadog, Splunk). Ability to translate risk across business and technical audiences; strong relationship-building. Experience training and coaching teams in security and privacy practices. Autonomous, agile mindset with ownership of security and collaboration across teams. Ability to resolve conflicts and drive issues to completion. Independent work style with high efficiency; experience with vulnerability scanning and cloud security posture tools (Wiz, Prisma Cloud) for compliance. Real-world incident response experience on on-call teams. Familiarity with GitOps and Infrastructure-as-Code concepts. Virtruvian qualities for success Think creatively and respectfully challenge teammates in pursuit of excellence. Strong sense of urgency with an action-oriented mindset. Collaborate and adapt to shifting priorities as business needs evolve. Comfortable with asynchronous communication (Slack, email, Zoom). Benefits & Wellbeing Flexible PTO with 14 holidays to recharge. $1,500 annual Learning & Development stipend. Frequent company-sponsored team celebrations. Employee Assistance Program and Headspace access. 3% retirement contribution; stock options. Flexible time for personal matters and emergencies. Diversity, Equity, Inclusion and Belonging Virtru places a strong emphasis on DE&I and maintains a Council to foster inclusion and psychological safety. Equal Opportunity and Compliance Virtru is an Equal Opportunity Employer and does not discriminate on protected characteristics. We welcome applicants from diverse backgrounds. Voluntary Self-Identification: Completion of this form is voluntary and confidential. This data is used for government reporting purposes and does not affect hiring decisions. #J-18808-Ljbffr Virtru
...Job Description Ethos Medical Staffing is seeking a travel nurse RN Interventional Radiology for a travel nursing job in Atlanta, Georgia. Job Description & Requirements ~ Specialty: Interventional Radiology ~ Discipline: RN ~ Start Date: ASAP ~ Duration...
Come and join the magic with Aulani, A Disney Resort and Spa! We are looking for a part-time Massage Therapist. Perks and benefits may include: Tuition paid upfront at network schools Free lunch Free parking Free theme park admission and much more! Part...
...take your technical skills to the next level? Dev10 provides a path for individuals who... ...to upskill and launch a career in Software Development. Dev10 provides a pathway for... ...learners to gain real-world experience while developing technical skills through immersive...
...by the Corporate Office. Insures a pleasant and productive shopping experience for all customers. Assists the GSM / DM and Human... ...Savings ~ Paid holidays ~ Paid vacation ~ Paid sick time ~ Bass Pro Cares Fund ~ And more! Bass Pro Shops is an equal...
...Sr Admin Associate- Litigation group Newark, NJ 6+ Month Contract Pay range: 35 - 37/hr, W 2 Work Location: HYBRID- Onsite 4 days (Monday-Thursday) |; Remote 1 day. Intake Notes: *High school diploma or G.E.D. required *At least 3 years performing...