Job Description
Genesis10 is currently seeking a Governance, Risk, and Compliance (GRC) Analyst for an onsite position with a Public Sector Organization located in Austin, TX. This is a 12+ month contract opportunity.

This role is responsible for advancing and operationalizing the organization's governance, risk, and compliance program across cybersecurity, regulatory, and enterprise risk domains. The position will focus on high-priority initiatives including regulatory audits, NIST CSF alignment, Microsoft Purview data governance capabilities, vendor risk management, and GRC tooling implementation to reduce regulatory exposure and strengthen audit readiness.

Responsibilities:
- Design and deploy enterprise information retention policies using Microsoft Purview
- Develop labeling and classification taxonomies, exception handling processes, and end-user guidance
- Configure and support Microsoft Purview Insider Risk Management capabilities, including alert tuning, workflows, and misuse detection scenarios
- Support and mature the enterprise GRC program, ensuring alignment with internal governance requirements and external regulatory obligations
- Develop, maintain, and document security and compliance controls, policies, standards, and supporting procedures
- Lead or support the evaluation and selection of a formal GRC technology platform
- Perform current state assessments of the security program against the NIST Cybersecurity Framework (CSF)
- Develop target state profiles, gap analyses, and prioritized remediation roadmaps
- Maintain and enhance the third-party vendor risk management program
- Support business continuity and disaster recovery planning by assisting with risk analysis and documentation
- Coordinate and support multiple regulatory and internal audits
- Prepare audit evidence, manage control documentation, track findings, and support remediation ac