ABM Industries Logo

ABM Industries

Senior GRC Analyst

Posted 2 Hours Ago
Be an Early Applicant
Remote
Hiring Remotely in GA, USA
Senior level
Remote
Hiring Remotely in GA, USA
Senior level
Lead and maintain GRC program activities including risk assessments, control evaluation, remediation tracking, audit and certification coordination (ISO, CMMC, NYDFS), evidence collection, vendor/third-party risk support, and reporting compliance metrics to leadership.
The summary above was generated by AI

Join a team with one shared mission - to make a difference, every person, every day.

We are more than 100,000 team members strong, from all backgrounds and corners of the world, with the talent, experience and compassion that enables us to make an impact. For thousands of clients across the U.S. and in more than 20 global locations, ABM takes care of the people, spaces and places that matter most. We also take care of our team members —ensuring our company is a great place to work, and our communities are safer, healthier, and more sustainable places to be. Every team member at ABM has the opportunity to make a difference. Every day. And we cultivate a culture where our team members feel seen, heard, and valued and can grow a career and a future with us.


ABM is currently seeking a highly motivated and detail-oriented Sr. GRC Analyst to support the organization’s Governance, Risk & Compliance program and ensure alignment with regulatory requirements and industry standards such as ISO 27001, CMMC, NIST, and NYDFS. The Sr. GRC Analyst will support enterprise risk assessments, evaluate control effectiveness, identify risk exposures and control gaps, track remediation efforts, and support cross-functional teams to maintain audit readiness and compliance across the IT and Information Security environment.

Responsibilities

•    Maintain governance documentation, perform risk assessments, and support framework alignment across ISO 27001/27002/27005, NIST, CMMC, NYDFS, NIS2, and other applicable standards.
•    Lead coordination of regulatory and certification assessments (e.g., NYDFS, ISO 27001, CMMC), including risk assessments, Statement of Applicability (SoA) updates, scope management, evidence collection, validation of control documentation, and preparation of attestation support materials.
•    Serve as a point of coordination for certification, regulatory, and audit-related activities across IT and Information Security stakeholders.
•    Support continuous improvement of Governance, Risk & Compliance processes and documentation standards.
•    Maintain accurate records of compliance activities, findings, and remediation status.
•    Support cross-functional teams in maintaining audit readiness and regulatory compliance.
•    Develop and report risk and compliance metrics to leadership and support remediation tracking activities.
•    Perform other duties as assigned, including support of third-party risk management assessments and ongoing vendor monitoring activities, maintenance of risk registers, remediation tracking, and response to client or external cybersecurity requests.
 

Qualifications

Education: 
•    Bachelor’s degree in Information Security, Computer Science, or a related field, or equivalent relevant experience.

Experience: 
•    5+ years of experience in Governance, Risk & Compliance (GRC), IT Risk Management, Information Security, or IT Compliance within a regulated or enterprise environment.
•    Experience supporting or coordinating regulatory and certification assessments (e.g., ISO 27001, CMMC, NYDFS, NIST).
•    Experience maintaining risk registers, remediation tracking processes, and governance documentation.
•    Experience coordinating audit evidence collection and supporting internal or external audit activities.
•    Strong understanding of industry standards and frameworks, including ISO 27001/27002/27005, NIST, CMMC, and applicable regulatory requirements.
•    Experience developing compliance metrics and reporting for leadership.
•    Proficiency with GRC platforms and documentation management tools.
•    Strong analytical, organizational, and documentation skills with attention to detail.
•    Effective communication and interpersonal skills, with the ability to collaborate across technical and non-technical stakeholders.
•    Proficiency with remote collaboration tools (e.g., MS Teams) and Microsoft 365 applications, including PowerPoint and Excel, for documentation, control tracking, and metrics reporting.
•    Experience performing or supporting SOC 2 reviews is a plus.
•    Experience supporting ISO certification lifecycle activities (surveillance, recertification, scope expansion).
•    Experience responding to client or external cybersecurity questionnaires and compliance inquiries.

Certifications: 
•    One or more of the following: CISA, CISM, CISSP, or CRISC.
 

About Us
ABM (NYSE: ABM) is one of the world’s largest providers of integrated facility, engineering, and infrastructure solutions. Every day, our over 100,000 team members deliver essential services that make spaces cleaner, safer, and efficient, enhancing the overall occupant experience.
 
ABM serves a wide range of market sectors including commercial real estate, aviation, education, mission critical, and manufacturing and distribution. With over $8 billion in annual revenue and a blue-chip client base, ABM delivers innovative technologies and sustainable solutions that enhance facilities and empower clients to achieve their goals. Committed to creating smarter, more connected spaces, ABM is investing in the future to meet evolving challenges and build a healthier, thriving world. ABM: Driving possibility, together.

ABM is an Equal Employment Opportunity (EEO) employer that does not discriminate on the basis of any trait or characteristic protected by applicable federal, state, or local law, including disability and protected veteran status. ABM is committed to working with and providing reasonable accommodation to individuals with disabilities. If you have a disability and need assistance in completing the employment application, please call 888-328-8606. We will provide you with assistance and make a determination on your request for reasonable accommodation on a case-by-case basis.

ABM participates in the U.S. Department of Homeland Security E-Verify program. E-Verify is an internet-based system used to electronically confirm employment eligibility.

ABM is a military-friendly company proudly employing thousands of men and women who have served in the U.S. military. With ABM, you’ll have access to a world-class training program and ample opportunities to use the skills you developed while serving our country.  Whether you’re looking for a frontline or professional position, you can find post-military career opportunities across ABM.

ABM directs all applicants to apply at www.abm.com/careers. ABM does not accept unsolicited resumes or submissions outside of this portal. Applicants should submit their application by clicking Apply Now.
 
For more information, visit www.abm.com

Similar Jobs

2 Days Ago
In-Office or Remote
Cambridge, MA, USA
106K-222K Annually
Senior level
106K-222K Annually
Senior level
Events • Analytics • Consulting
Conduct research and deliver strategic advice on risk management and cyber risk quantification. Develop and maintain risk artifacts (standards, procedures, appetite, registry), produce 6–8 research projects yearly, consult with clients, collaborate across Forrester teams, advise vendors, publish insights, and present externally. Support C-suite and risk leaders and travel up to 20%.
Top Skills: Grc Platforms
3 Days Ago
Remote
USA
90K-130K Annually
Senior level
90K-130K Annually
Senior level
Healthtech
Lead and mature the organization's GRC program by maintaining risk registers and control frameworks, driving compliance monitoring, coordinating third-party/vendor risk assessments, applying risk scoring and maturity tracking, managing GRC artifacts (Excel/SharePoint), translating findings for executives, and partnering with stakeholders to implement security policy and process improvements in a regulated healthcare environment.
Top Skills: ExcelGrcHipaa/HitechNist Csf 2.0Sharepoint
2 Days Ago
Remote
U.S.
130K-160K Annually
Senior level
130K-160K Annually
Senior level
HR Tech • Payments • Software • Financial Services
The Senior GRC Analyst will manage governance, risk, compliance, and audit readiness programs, ensuring security policies and compliance frameworks are adhered to, while collaborating with various teams across the company.
Top Skills: Compliance Automation ToolsGrc PlatformsHitrustIso 27001Nist CsfSoc 2

What you need to know about the Boston Tech Scene

Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.

Key Facts About Boston Tech

  • Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
  • Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
  • Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
  • Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account