Sr. GRC Analyst
Company: DHRM
Location: Richmond
Posted on: April 2, 2026
Job Description:
Title: Sr. GRC Analyst
State Role Title: Info Technology Specialist III
Hiring Range: Commensurate with Experience
Pay Band: 6
Agency: Department of Taxation
Location: Main Street Center
Agency Website: https://www.tax.virginia.gov/work-with-us
Recruitment Type: Agency Employee Only - A

Job Duties

Are you the
person who finds what everyone else misses? The Virginia Department
of Taxation’s Office of Information Security is looking for a
Senior GRC (Governance, Risk and Compliance) Analyst who brings
curiosity, initiative, and a sharp eye for detail to our security
program. In this role, you won't just check boxes. You'll dig into
the details, ask the hard questions, and help us build a security
program that's as strong in practice as it is on paper.

As a Senior GRC Analyst you will:
• Identify, assess, and document organizational risks, and keep stakeholders accountable to resolving them
• Review System Security Plans (SSPs) to ensure controls are accurately and completely described, and engage stakeholders when there are concerns
• Test and verify that security controls are actually working the way they're supposed to, across their full scope
• Support internal and external audit events, from evidence gathering to finding consolidation
• Manage Plans of Action and Milestones (POA&Ms) from identification through remediation
• Develop security procedures that turn what the organization actually does into clear, documented practice
• Provide input on security policies and standards to help keep them relevant and accurate

Please note
that this is an Agency Only recruitment. Only current Virginia
Department of Taxation employees will be considered for this
recruitment. This position is located in our Central Office in
downtown Richmond, Virginia. This position is eligible for a hybrid
telework schedule. The anticipated hiring salary is $130,000
commensurate with experience.

As a member of the Virginia Tax team, you can expect additional benefits such as:
• Job stability and quality of life! Enjoy your work/life balance with flexible schedule options and up to two days of telework per week.
• 12 Paid State holidays on top of vacation, sick, volunteer, and personal leave!
• Comprehensive and affordable health benefits.
• Got student loans? You may be eligible for the Public Service Loan Forgiveness program.
• Participation in the Virginia Retirement System, VA 457 Deferred Comp, and more.

At Virginia Tax… We are
dedicated, resourceful individuals who strive to exceed our
customers’ expectations. Not only do we serve the public, we are
the public. We are a part of a community that cares about and
celebrates each other, who promote opportunities for growth within
a stable environment, and support a healthy work-life balance. What
we do matters. So do you.

Minimum Qualifications
• Working knowledge and experience in cybersecurity, information assurance, or a directly related field with demonstrated GRC responsibilities
• Ability to support audit activities, including evidence gathering and auditor inquiry response
• Ability to read and critically evaluate System Security Plans (SSPs) and identify gaps in control descriptions and scope
• Experience conducting control assessments through artifact review and technical observation
• Working knowledge of at least one applicable regulatory framework such as IRS 1075, PCI DSS, or state privacy laws
• Strong written and verbal communication skills, with demonstrated ability to work across technical and non-technical stakeholders
• CompTIA Security, CEH, or equivalent foundational certification

Additional Considerations
• Hands-on experience with the NIST Risk Management Framework (RMF), including risk assessment, POA&M management, and continuous monitoring
• Knowledge of Commonwealth of Virginia Information Security Standards and Guidelines, IRS Publication 1075, Payment Card Industry Data Security Standards, and other industry security standards
• Experience translating organizational practices and procedures into formal control language
• Familiarity with multiple regulatory frameworks and the ability to assess controls against them simultaneously
• Experience identifying undocumented security practices and formalizing them into written procedures
• Advanced certification such as CISSP, CISM, or CRISC

Special Instructions

You will be provided a confirmation of receipt when your
application and/or résumé is submitted successfully. Please refer
to “Your Application” in your account to check the status of your
application for this position. All Virginia Tax employees must be
current with filing their tax returns ensuring they were filed in
compliance with established laws, rules and regulations. Selected
candidate(s) will be required to consent to and successfully pass a
background investigation which includes fingerprint-based criminal
history, tax compliance, and DMV driving record (if applicable)
checks. The selected candidate will be prohibited from performing
tax or accounting services for compensation during or outside
business hours. Virginia Tax is an equal opportunity employer that
values diversity in the workforce. All qualified applicants are
afforded equal opportunities without regard to race, sex, color,
national or ethnic origin, religion, genetics, age, veteran status,
political affiliation, or disability. Reasonable accommodations are
available to applicants with disabilities, if requested, during the
application and/or interview process. If accommodations are needed,
please contact Human Resources at (804) 786-3610. Virginia Tax
participates in E-Verify. Consideration for an interview is based
solely on the information within the application and/or résumé. In
support of the Commonwealth’s commitment to inclusion, we are
encouraging individuals with disabilities to apply through the
Commonwealth Alternative Hiring Process. To be considered for this
opportunity, applicants will need to provide their Certificate of
Disability (COD) provided by a Vocational Rehabilitation Counselor
within the Department for Aging & Rehabilitative Services (DARS),
or the Department for the Blind & Vision Impaired (DBVI). Veterans
are encouraged to answer Veteran status questions and submit their
disability documentation, if applicable, to DARS/DBVI to get their
Certificate of Disability. If you need to get a Certificate of
Disability, use this link: Career Pathways for Individuals with
Disabilities, or call DARS at 800-552-5019, or DBVI at
800-622-2155.

Contact Information
Name: Virginia Tax Talent Acquisition Team
Phone: 804-786-3608
Email: hroffice@tax.virginia.gov