ABM Industries Logo

ABM Industries

Senior GRC Analyst

Posted Yesterday
Be an Early Applicant
Remote
Hiring Remotely in GA, USA
Senior level
Remote
Hiring Remotely in GA, USA
Senior level
Lead and maintain GRC program activities including risk assessments, control evaluation, remediation tracking, audit and certification coordination (ISO, CMMC, NYDFS), evidence collection, vendor/third-party risk support, and reporting compliance metrics to leadership.
The summary above was generated by AI

Join a team with one shared mission - to make a difference, every person, every day.

We are more than 100,000 team members strong, from all backgrounds and corners of the world, with the talent, experience and compassion that enables us to make an impact. For thousands of clients across the U.S. and in more than 20 global locations, ABM takes care of the people, spaces and places that matter most. We also take care of our team members —ensuring our company is a great place to work, and our communities are safer, healthier, and more sustainable places to be. Every team member at ABM has the opportunity to make a difference. Every day. And we cultivate a culture where our team members feel seen, heard, and valued and can grow a career and a future with us.


ABM is currently seeking a highly motivated and detail-oriented Sr. GRC Analyst to support the organization’s Governance, Risk & Compliance program and ensure alignment with regulatory requirements and industry standards such as ISO 27001, CMMC, NIST, and NYDFS. The Sr. GRC Analyst will support enterprise risk assessments, evaluate control effectiveness, identify risk exposures and control gaps, track remediation efforts, and support cross-functional teams to maintain audit readiness and compliance across the IT and Information Security environment.

Responsibilities

•    Maintain governance documentation, perform risk assessments, and support framework alignment across ISO 27001/27002/27005, NIST, CMMC, NYDFS, NIS2, and other applicable standards.
•    Lead coordination of regulatory and certification assessments (e.g., NYDFS, ISO 27001, CMMC), including risk assessments, Statement of Applicability (SoA) updates, scope management, evidence collection, validation of control documentation, and preparation of attestation support materials.
•    Serve as a point of coordination for certification, regulatory, and audit-related activities across IT and Information Security stakeholders.
•    Support continuous improvement of Governance, Risk & Compliance processes and documentation standards.
•    Maintain accurate records of compliance activities, findings, and remediation status.
•    Support cross-functional teams in maintaining audit readiness and regulatory compliance.
•    Develop and report risk and compliance metrics to leadership and support remediation tracking activities.
•    Perform other duties as assigned, including support of third-party risk management assessments and ongoing vendor monitoring activities, maintenance of risk registers, remediation tracking, and response to client or external cybersecurity requests.
 

Qualifications

Education: 
•    Bachelor’s degree in Information Security, Computer Science, or a related field, or equivalent relevant experience.

Experience: 
•    5+ years of experience in Governance, Risk & Compliance (GRC), IT Risk Management, Information Security, or IT Compliance within a regulated or enterprise environment.
•    Experience supporting or coordinating regulatory and certification assessments (e.g., ISO 27001, CMMC, NYDFS, NIST).
•    Experience maintaining risk registers, remediation tracking processes, and governance documentation.
•    Experience coordinating audit evidence collection and supporting internal or external audit activities.
•    Strong understanding of industry standards and frameworks, including ISO 27001/27002/27005, NIST, CMMC, and applicable regulatory requirements.
•    Experience developing compliance metrics and reporting for leadership.
•    Proficiency with GRC platforms and documentation management tools.
•    Strong analytical, organizational, and documentation skills with attention to detail.
•    Effective communication and interpersonal skills, with the ability to collaborate across technical and non-technical stakeholders.
•    Proficiency with remote collaboration tools (e.g., MS Teams) and Microsoft 365 applications, including PowerPoint and Excel, for documentation, control tracking, and metrics reporting.
•    Experience performing or supporting SOC 2 reviews is a plus.
•    Experience supporting ISO certification lifecycle activities (surveillance, recertification, scope expansion).
•    Experience responding to client or external cybersecurity questionnaires and compliance inquiries.

Certifications: 
•    One or more of the following: CISA, CISM, CISSP, or CRISC.
 

About Us
ABM (NYSE: ABM) is one of the world’s largest providers of integrated facility, engineering, and infrastructure solutions. Every day, our over 100,000 team members deliver essential services that make spaces cleaner, safer, and efficient, enhancing the overall occupant experience.
 
ABM serves a wide range of market sectors including commercial real estate, aviation, education, mission critical, and manufacturing and distribution. With over $8 billion in annual revenue and a blue-chip client base, ABM delivers innovative technologies and sustainable solutions that enhance facilities and empower clients to achieve their goals. Committed to creating smarter, more connected spaces, ABM is investing in the future to meet evolving challenges and build a healthier, thriving world. ABM: Driving possibility, together.

ABM is an Equal Employment Opportunity (EEO) employer that does not discriminate on the basis of any trait or characteristic protected by applicable federal, state, or local law, including disability and protected veteran status. ABM is committed to working with and providing reasonable accommodation to individuals with disabilities. If you have a disability and need assistance in completing the employment application, please call 888-328-8606. We will provide you with assistance and make a determination on your request for reasonable accommodation on a case-by-case basis.

ABM participates in the U.S. Department of Homeland Security E-Verify program. E-Verify is an internet-based system used to electronically confirm employment eligibility.

ABM is a military-friendly company proudly employing thousands of men and women who have served in the U.S. military. With ABM, you’ll have access to a world-class training program and ample opportunities to use the skills you developed while serving our country.  Whether you’re looking for a frontline or professional position, you can find post-military career opportunities across ABM.

ABM directs all applicants to apply at www.abm.com/careers. ABM does not accept unsolicited resumes or submissions outside of this portal. Applicants should submit their application by clicking Apply Now.
 
For more information, visit www.abm.com

ABM Industries Aurora, Colorado, USA Office

Aurora, United States

ABM Industries Denver, Colorado, USA Office

Denver, United States

Similar Jobs

2 Hours Ago
Remote
USA
115K-145K Annually
Senior level
115K-145K Annually
Senior level
Information Technology • Security • Software • Cybersecurity
Serve as a hands-on GRC advisor for customers: guide risk assessments, audits (SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST), risk registers, policy and control rollouts; resolve complex GRC questions; create scalable guidance and partner with Support and Customer Success to own escalations and improve the platform.
Top Skills: Grc SoftwareHipaaIso 27001NistPci-DssSoc 2
3 Days Ago
In-Office or Remote
106K-222K Annually
Senior level
106K-222K Annually
Senior level
Events • Analytics • Consulting
Conduct research and deliver strategic advice on risk management and cyber risk quantification. Develop and maintain risk artifacts (standards, procedures, appetite, registry), produce 6–8 research projects yearly, consult with clients, collaborate across Forrester teams, advise vendors, publish insights, and present externally. Support C-suite and risk leaders and travel up to 20%.
Top Skills: Grc Platforms
4 Days Ago
Remote
USA
90K-130K Annually
Senior level
90K-130K Annually
Senior level
Healthtech
Lead and mature the organization's GRC program by maintaining risk registers and control frameworks, driving compliance monitoring, coordinating third-party/vendor risk assessments, applying risk scoring and maturity tracking, managing GRC artifacts (Excel/SharePoint), translating findings for executives, and partnering with stakeholders to implement security policy and process improvements in a regulated healthcare environment.
Top Skills: ExcelGrcHipaa/HitechNist Csf 2.0Sharepoint

What you need to know about the Colorado Tech Scene

With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.

Key Facts About Colorado Tech

  • Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
  • Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
  • Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
  • Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
  • Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account