GRC Engineer
NEOGOV
About
-
This role is remote from anywhere in the US.
NEOGOV is a proud AI-Enabled SaaS leader in the Public Sector & Public Safety space with a mission to serve the people who serve the people. Our clients use our software to streamline everyday processes. NEOGOV is a leading AI-enabled SaaS provider serving the public sector and public safety organizations nationwide.
For more than 25 years, we’ve helped agencies streamline critical workforce and operational processes through an integrated, intelligent platform. From hiring and onboarding to employee growth, retention, compliance, and public safety operations, our solutions support the full employee lifecycle. Guided by our mission to serve the people who serve the people, we combine innovation, customer focus, and purpose-driven technology to help build stronger communities.
We are seeking a GRC Engineer to ensure governance, risk and compliance across our corporate and customer facing environments. You will collaborate across the organization to embed security compliance into all processes, while building automated workflows that will provide continuous compliance and real-time reporting to our internal and external customers and regulators.
This posting is for an existing vacancy.
What You Will Do
-
Automate Compliance: Configure and maintain our GRC platform to automate evidence collection across environments, ensuring 24/7 visibility into our control environment.
Federal Authorization: Lead the execution of our FedRAMP Moderate authorization lifecycle, including authoring System Security Plans and managing POAMs.
Framework Management: Maintain and automate compliance with standards such as SOC2 Type II, HIPAA, CJIS and additional regulatory and privacy requirements across multi-cloud environments.
Policy Development: Draft, implement and enforce clear security and compliance policies.
Third Party Risk Management: Evaluate the security posture of third party vendor services and software, while driving efficiencies through automated reviews and control validation.
Compliance-as-Code: Partner with DevOps and Engineering to integrate compliance checks into CI/CD pipelines ensuring security controls are a fundamental part of the software development lifecycle.
Continuous Monitoring: Oversee our continuous monitoring program and end-to-end lifecycle management of our GRC platform while regularly reporting updates to internal and external stakeholders.
Business Resiliency: Develop, maintain, and regularly test comprehensive Business Continuity (BCP) and Disaster Recovery (DR) plans, ensuring all documentation is up-to-date and aligns with organizational risks, regulatory requirements, and industry standards.
Audit Leadership: Act as the primary technical point of contact for audit engagements and customers during assessments.
Cross-functional Collaboration: Partner with IT, Legal, Engineering, Sales, Services, and HR to provide technical and GRC expertise, translate requirements, and ensure alignment for internal and external GRC systems and controls.
Who You Are
-
A strong communicator who values cross-functional collaboration.
A proactive contributor with a mindset for continuous improvement.
What You Have
-
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity or a related field.
Minimum of 7 years of experience in GRC, Information Security, IT Audit or Engineering.
Strong understanding of industry standard frameworks, regulations and programs, including NIST 800-53, FedRAMP, GovRAMP, HIPAA and CJIS.
Strong understanding of cloud environments and experience with scripting and automation.
Hands-on experience using GRC automation tools to scale compliance programs.
Able to translate regulatory requirements into action.
CISSP, CISA, or AWS/Azure Security certifications.
What NEOGOV Offers
-
Comprehensive Benefits package (medical, dental, vision, etc.) for full-time employees
Generous PTO to support work-life balance
Remote working opportunities
401K Matching
Autonomy to grow and find your career path with supportive leadership
12-week Paid Parental Leave
Inclusive and diverse environment
NEOGOV does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, protected military status, or other non-merit factors.
Our hiring process may include Artificial Intelligence (AI) screening for keywords and minimum qualifications. Recruiters review all results.

