The GRC Analyst leads audit preparations for certifications, develops compliance materials, assists cross-functional teams in tracking controls, and aligns initiatives with regulatory requirements.
Founded in 2015, Shield AI is a venture-backed defense technology company with the mission of protecting service members and civilians with intelligent systems. Its products include the V-BAT aircraft, Hivemind Enterprise, and the Hivemind Vision product lines. With offices in San Diego, Dallas, Washington, D.C., Boston, Abu Dhabi (UAE), Kyiv (Ukraine), and Melbourne (Australia), Shield AI’s technology actively supports U.S. and allied operations worldwide. For more information, visit www.shield.ai. Follow Shield AI on LinkedIn,X, YouTubeand Instagram.
Job Description:
We are seeking a detail-oriented GRC Analyst to support our security and compliance initiatives across the organization. This role will drive the execution of key certifications such as CMMC, ISO 27001, and other industry-related standards, ensuring readiness through audit prep, documentation, and cross-functional coordination. The analyst will develop and maintain customer-facing collateral, including standardized RFI/RFP responses and security whitepapers. They will also monitor internal controls, track remediation efforts, and help align teams with regulatory and contractual requirements. Ideal candidates have a strong understanding of compliance frameworks, excellent communication skills, and experience managing audits in fast-paced environments.
What you'll do:
- Lead audit preparation, execution, and remediation efforts for certifications such as CMMC, ISO 27001, and other industry-aligned standards.
- Develop and maintain security compliance collateral, including policies, whitepapers, and standardized RFI/RFP responses.
- Collaborate with cross-functional teams (Security, IT, Legal, Engineering) to implement and track control requirements.
- Monitor regulatory obligations and maintain audit readiness through continuous assessment and documentation.
- Support customer trust efforts by aligning compliance initiatives with business growth and contractual requirements.
Required qualifications:
- 5+ years of experience in GRC, compliance, or information security roles, with a focus on both commercial and government customer requirements.
- Proven track record of leading audit readiness and certification efforts for frameworks such as CMMC, ISO 27001, NIST 800-53, or similar.
- Strong understanding of regulatory and contractual obligations in both federal and enterprise environments.
- Exceptional communication and documentation skills, with experience developing customer-facing compliance materials.
- Ability to work independently, influence cross-functional teams, and prioritize in a fast-paced, high-growth environment.
Preferred qualifications:
- Experience leading security and compliance programs in defense, aerospace, or other highly regulated environments.
- Deep familiarity with CMMC and ISO 27001 frameworks, along with related government or industry requirements.
- Proven ability to independently interface with customers, address security inquiries, and represent the company’s posture with confidence.
- Industry certifications such as CISSP, CISM, CISA, CRISC, or Certified CMMC Professional (CCP).
- Strong influence skills—able to drive cross-functional results, overcome resistance, and align stakeholders toward compliance goals.
#LI-HM1
#LD
Full-time regular employee offer package:
Pay within range listed + Bonus + Benefits + Equity
Temporary employee offer package:
Pay within range listed above + temporary benefits package (applicable after 60 days of employment)
Salary compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, licenses and certifications, and specific work location. All offers are contingent on a cleared background and possible reference check. Military fellows and part-time employees are not eligible for benefits. Please speak to your talent acquisition representative for more information.
###
Shield AI is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please let us know.
Top Skills
Cmmc
Iso 27001
Nist 800-53
Shield AI Waltham, Massachusetts, USA Office
500 Totten Pond Road, Waltham, MA, United States, 02451
Similar Jobs
Security • Software • Cybersecurity • Automation
The Senior GRC Analyst will manage governance, risk, and compliance initiatives, ensuring adherence to security frameworks and supporting internal control testing and audit readiness.
Top Skills:
AWSAzureGCP
Healthtech • Insurance • Other • Sales • Software
Lead technical support for escalated issues, analyze support trends, improve workflows, and facilitate training for the Customer Experience team.
Top Skills:
Api-Based PlatformsIntercomJIRALinearNotionSalesforce
Healthtech • Insurance • Other • Sales • Software
As a Business Systems Associate, you'll enhance Spark's systems, ensure data integration, manage workflows, and support cross-functional data reporting.
Top Skills:
AirtableCalendlyDialpadFrontGoogle SheetsNotionPythonSQL
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
