Technical Security Risk & Governance Analyst - 26-01643

Technical Security Risk & Governance Analyst

Location: Harrisburg, PA (Hybrid – 2 days onsite per week)

Type: Contract

Full-Time | 40 hours/week
Local candidates within 2 hours preferred

Position Summary

"Navitas Partners, LLC" is seeking a Technical Security Risk & Governance Analyst to support enterprise cybersecurity risk, compliance, and governance initiatives. This role conducts risk assessments, control testing, audit coordination, and GRC activities across on-prem, cloud (IaaS/PaaS/SaaS), and hybrid environments.

Key Responsibilities

• Perform technical risk assessments; document likelihood, impact, and mitigation plans.

• Conduct control testing aligned with NIST CSF/800-53, CIS Controls, ISO 27001 , and applicable regulatory requirements (CJIS, IRS Pub 1075, HIPAA, FERPA, PCI DSS).

• Support ATO processes, security attestations, and continuous monitoring.

• Manage policies, standards, control libraries, and risk registers within GRC platforms.

• Coordinate internal/external audits, evidence collection, and remediation tracking.

• Govern vulnerability management (SLA tracking, exceptions, risk acceptance).

• Perform third-party/vendor security reviews (SOC 2, ISO certifications, cloud providers).

• Develop dashboards (Excel/Power BI) and present risk posture to leadership.

• Provide security guidance for incidents and change management activities.

Required Qualifications

• Bachelor’s degree in Information Security, IT, Computer Science, or related field (or equivalent experience).

• 3+ years of experience in information security, risk management, or audit.

• Hands-on experience with technical assessments, configuration validation, and vulnerability interpretation.

• Experience using GRC tools and developing risk treatment plans.

• Strong knowledge of IAM, network security, encryption, SIEM/logging, and cloud security principles.

• Strong analytical, documentation, and executive communication skills.

Preferred

• Certifications: CISSP, CISM, CRISC, CGRC (CAP), Security+, CCSK/CCSP, CISA.

• AWS/Azure cloud security certifications.

For more details reach at [email protected]

About Navitas Partners, LLC: It is a certified WBENC and one of the fastest-growing Technical / IT staffing firms in the US providing services to numerous clients. We offer the most competitive pay for every position. We understand this is a partnership. You will not be blindsided and your salary will be discussed upfront.