• Job Description

  Req#: 327853
  About Us:
  At RELI Group, our work is grounded in purpose. We partner with government agencies to solve complex challenges, improve public health, strengthen national security, and make government services more effective and efficient. Our team of over 500 professionals brings deep expertise and a shared commitment to delivering meaningful outcomes. Behind every solution is a group of experts who care deeply about impact-whether we're supporting data-driven decisions, modernizing systems or safeguarding critical programs.
  
  Position Overview
  
  The Entry-Level Cybersecurity Governance, Risk, and Compliance (GRC) Assessor supports cybersecurity compliance and risk management activities within a federal healthcare environment. This role assists in evaluating security controls, conducting risk assessments, and ensuring compliance with federal regulations such as FISMA, HIPAA, and NIST standards.
  
  Key Responsibilities:
  
  Security Control Assessment Support
  
  • Assist in conducting security control assessments using NIST SP 800-53A methodologies
  • Support development of Security Assessment Plans (SAPs) and Rules of Engagement (ROE)
  • Help review System Security Plans (SSPs) and validate implemented controls
  • Document findings for Security Assessment Reports (SARs)
  
  Risk Assessment & Analysis
  
  • Support risk assessments aligned with NIST SP 800-30
  • Identify vulnerabilities, control deficiencies, and potential impacts to systems
  • Assist in developing and updating Plans of Action and Milestones (POA&Ms)
  • Participate in briefings on risk posture and remediation recommendations
  
  Compliance & RMF Support
  
  • Assist in implementing the Risk Management Framework (RMF) lifecycle (Steps 1-6)
  • Support compliance efforts for:
    • FISMA
    • HIPAA Security Rule
    • HITECH
    • OMB and HHS directives
  • Help map regulatory requirements to NIST 800-53 controls
  
  Assessment Preparation & Coordination
  
  • Help coordinate assessment schedules, logistics, and stakeholder communications
  • Assist in preparing briefing materials for System Owners (SOs) and ISSOs
  • Participate in assessment walkthroughs and documentation reviews
  
  Continuous Monitoring Support
  
  • Assist in ongoing security control monitoring aligned with NIST SP 800-137
  • Help track assessment metrics, findings, and remediation status
  • Contribute to monthly and periodic compliance reporting
  
  Documentation & Reporting
  
  • Draft and maintain cybersecurity documentation including:
    • SARs, SAPs, and risk assessment reports
    • SOPs and compliance tracking artifacts
  • Ensure documentation meets federal and organizational standards for quality and accuracy
  
  Collaboration & Training
  
  • Work with senior assessors, ISSOs, and system owners to support compliance activities
  • Participate in training on RMF, control assessments, and federal security requirements
  • Assist in educating stakeholders on assessment processes and expectations
  
  Work Environment & Expectations
  
  • Supports a large, distributed federal healthcare environment with high-impact systems and sensitive data
  • Must be able to work in a team-oriented, compliance-driven environment
  • May require ability to obtain and maintain a Public Trust (Tier 4) clearance
  • Expected to adapt to evolving cybersecurity threats and compliance requirements
  
  
  
  • Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
  • Basic understanding of:
    • Cybersecurity principles (CIA triad)
    • Risk management concepts
    • Security controls and compliance frameworks
  • Familiarity with at least one of the following:
    • NIST 800-53 / RMF
    • FISMA or HIPAA requirements
  • Strong analytical, documentation, and communication skills
  
  
  Preferred Qualifications:
  
  • Internship or academic experience in cybersecurity, compliance, or auditing
  • Exposure to tools such as GRC platforms (e.g., Archer) or vulnerability scanners
  • Entry-level certifications (nice to have):
    • Security+
    • cGRC (formerly CAP)
    • CySA+
  
  EEO Employer:
  
  RELI Group is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.
  
  HUBZone:
  
  We encourage all candidates who live in a HUBZone to apply. You can check to see if your address is located in a HUBZone by accessing the SBA HUBZone Map.
  
  The annual salary range for this position is $45,000.00 to $50,000.00. Actual compensation will depend on a range of factors, including but not limited to the individual's skills, experience, qualifications, certifications, location, other business and organizational needs, and applicable employment laws. The estimate displayed represents the typical salary range for this position and is just one component of the total compensation package for employees. RELI Group provides a variety of additional benefits to its employees. For additional details on the benefits that RELI Group offers click here

• About the company

  The best remote jobs for you

Notice