About the Opportunity
Job Summary
The Governance, Risk, and Compliance (GRC) Analyst supports compliance and governance initiatives for both government and higher education environments. Core responsibilities include implementing and maintaining National Institute of Standards and Technology (NIST)-compliant frameworks, supporting Cybersecurity Maturity Model Certification (CMMC) requirements, and ensuring adherence to security controls across diverse environments. The GRC Analyst will collaborate with teams to assess risk, manage compliance documentation, and ensure that security frameworks and controls are implemented effectively and efficiently.
This position requires occasional availability outside of traditional working hours to address urgent business needs, including responding to security incidents, supporting software deployments, resolving software issues or system breaks, and addressing other critical operational requirements. The GRC Analyst mitigates disruption to business operations by promptly addressing issues as they arise.
This is a hybrid role requiring a minimum of three days per week in the Boston office to facilitate collaboration, direct engagement with staff and students, and contribute to a dynamic on-campus work environment.
Applicants must be authorized to work in the United States. The University is unable to sponsor this role, now or in the future.
Minimum Qualifications
Proficiency with Cybersecurity Maturity Model Certification (CMMC) and NIST frameworks and controls
Knowledge of compliance standards in government and higher education environments
Effective written and verbal communication skills with the ability to convey complex compliance requirements to stakeholders at various organizational levels
Adaptable, with high initiative and a strong sense of urgency
Ability to analyze complex data, identify patterns, and translate findings into actionable insights, as well as evaluate risks and develop appropriate responses
Bachelor's degree and at least 2–4 years of relevant experience required
Key Responsibilities & Accountabilities
Support CMMC compliance efforts within a government environment (25%)
Assist in implementing NIST-based security frameworks and controls in a higher education setting (25%)
Conduct risk assessments and audits to ensure compliance with security standards (25%)
Develop and maintain compliance documentation and reporting (25%)
Position Type
Legal and Regulatory AdministrationAdditional Information
Northeastern University considers factors such as candidate work experience, education and skills when extending an offer.
Northeastern has a comprehensive benefits package for benefit eligible employees. This includes medical, vision, dental, paid time off, tuition assistance, wellness & life, retirement- as well as commuting & transportation. Visit https://hr.northeastern.edu/benefits/ for more information.
All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, religion, color, national origin, age, sex, sexual orientation, disability status, or any other characteristic protected by applicable law.
Compensation Grade/Pay Type:
110SExpected Hiring Range:
$76,335.00 - $107,823.75With the pay range(s) shown above, the starting salary will depend on several factors, which may include your education, experience, location, knowledge and expertise, and skills as well as a pay comparison to similarly-situated employees already in the role. Salary ranges are reviewed regularly and are subject to change.