Cybersecurity GRC Analyst

Dragonfli Group
Washington, DC Full Time
POSTED ON 4/18/2026
AVAILABLE BEFORE 5/17/2026

About Dragonfli Group

Dragonfli Group is an elite cybersecurity and IT advisory firm specializing in security operations, architecture, governance, and technology implementation for enterprise and regulated industry clients. We are a certified small business with deep experience across federal, financial services, utilities, and professional services sectors.


Overview

This role is for applicants who can be on-site in one of the following locations: Washington, DC; Boston, MA; or Dayton, OH.


Dragonfli Group is sourcing a Cybersecurity GRC Analyst for a client-facing engagement. This is a pure-play GRC role supporting an active information security program. The right candidate brings deep compliance execution experience, strong written communication skills, and the ability to operate independently in a complex, high-standards environment.



Responsibilities:

  • Complete client security questionnaires and audit responses using established firm precedent; maintain organized submission records
  • Support compliance monitoring and enforcement against ISO 27001, ISO 42001, NIST, and organizational policies
  • Conduct and document risk assessments, policy reviews, and audit evidence gathering
  • Develop and maintain cybersecurity policies and procedures aligned to regulatory requirements
  • Deliver and track compliance training and awareness initiatives; report outcomes to leadership
  • Support implementation of trust center platforms (Vanta, SafeBase, or equivalent)
  • Assist with AI/ML-enabled GRC monitoring, compliance gap identification, and policy violation detection


Requirements:


Minimum Qualifications

  • 2-5 years supporting information security in large, complex environments
  • Strong working knowledge of ISO 27001, NIST CSF, and related compliance frameworks
  • Excellent written and interpersonal communication skills; able to produce client-ready deliverables
  • Bachelor's degree in computer science, information security, or related field; equivalent experience considered
  • Preferred certifications: CISSP, CISA, CompTIA Security
  • Trust center platform experience (Vanta, SafeBase, etc.) a plus
  • Law firm or professional services environment experience a plus


Skill(s):


  • GRC platform experience (OneTrust, Archer, ServiceNow GRC)
  • Security questionnaire automation tools (Whistic, Responsive, Loopio)
  • Third-party risk management (TPRM) fundamentals
  • SOC 2 Type I/II audit support experience
  • GDPR, CCPA, or other privacy regulation familiarity
  • Evidence collection and audit artifact management
  • Policy lifecycle management
  • Risk register development and maintenance
  • Business continuity and disaster recovery documentation support
  • Strong proficiency in Microsoft 365 (SharePoint, Teams, Word, Excel) for documentation and collaboration
  • Ability to interface directly with client legal, compliance, and IT stakeholders
  • Experience working in a ticketing or GRC workflow environment (Jira, ServiceNow)

Salary.com Estimation for Cybersecurity GRC Analyst in Washington, DC
$116,925 to $146,660


