The GRC Analyst leads audit preparations for certifications, develops compliance materials, assists cross-functional teams in tracking controls, and aligns initiatives with regulatory requirements.
Founded in 2015, Shield AI is a venture-backed defense technology company with the mission of protecting service members and civilians with intelligent systems. Its products include the V-BAT aircraft, Hivemind Enterprise, and the Hivemind Vision product lines. With offices in San Diego, Dallas, Washington, D.C., Boston, Abu Dhabi (UAE), Kyiv (Ukraine), and Melbourne (Australia), Shield AI’s technology actively supports U.S. and allied operations worldwide. For more information, visit www.shield.ai. Follow Shield AI on LinkedIn,X, YouTubeand Instagram.
Job Description:
We are seeking a detail-oriented GRC Analyst to support our security and compliance initiatives across the organization. This role will drive the execution of key certifications such as CMMC, ISO 27001, and other industry-related standards, ensuring readiness through audit prep, documentation, and cross-functional coordination. The analyst will develop and maintain customer-facing collateral, including standardized RFI/RFP responses and security whitepapers. They will also monitor internal controls, track remediation efforts, and help align teams with regulatory and contractual requirements. Ideal candidates have a strong understanding of compliance frameworks, excellent communication skills, and experience managing audits in fast-paced environments.
What you'll do:
- Lead audit preparation, execution, and remediation efforts for certifications such as CMMC, ISO 27001, and other industry-aligned standards.
- Develop and maintain security compliance collateral, including policies, whitepapers, and standardized RFI/RFP responses.
- Collaborate with cross-functional teams (Security, IT, Legal, Engineering) to implement and track control requirements.
- Monitor regulatory obligations and maintain audit readiness through continuous assessment and documentation.
- Support customer trust efforts by aligning compliance initiatives with business growth and contractual requirements.
Required qualifications:
- 5+ years of experience in GRC, compliance, or information security roles, with a focus on both commercial and government customer requirements.
- Proven track record of leading audit readiness and certification efforts for frameworks such as CMMC, ISO 27001, NIST 800-53, or similar.
- Strong understanding of regulatory and contractual obligations in both federal and enterprise environments.
- Exceptional communication and documentation skills, with experience developing customer-facing compliance materials.
- Ability to work independently, influence cross-functional teams, and prioritize in a fast-paced, high-growth environment.
Preferred qualifications:
- Experience leading security and compliance programs in defense, aerospace, or other highly regulated environments.
- Deep familiarity with CMMC and ISO 27001 frameworks, along with related government or industry requirements.
- Proven ability to independently interface with customers, address security inquiries, and represent the company’s posture with confidence.
- Industry certifications such as CISSP, CISM, CISA, CRISC, or Certified CMMC Professional (CCP).
- Strong influence skills—able to drive cross-functional results, overcome resistance, and align stakeholders toward compliance goals.
#LI-HM1
#LD
Full-time regular employee offer package:
Pay within range listed + Bonus + Benefits + Equity
Temporary employee offer package:
Pay within range listed above + temporary benefits package (applicable after 60 days of employment)
Salary compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, licenses and certifications, and specific work location. All offers are contingent on a cleared background and possible reference check. Military fellows and part-time employees are not eligible for benefits. Please speak to your talent acquisition representative for more information.
###
Shield AI is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please let us know.
Top Skills
Cmmc
Iso 27001
Nist 800-53
Similar Jobs
Security • Software • Cybersecurity • Automation
The Senior GRC Analyst will manage governance, risk, and compliance initiatives, ensuring adherence to security frameworks and supporting internal control testing and audit readiness.
Top Skills:
AWSAzureGCP
Cloud • Consumer Web • eCommerce • Information Technology • Software
As a Lead Infrastructure Engineer, you will enhance database infrastructure stability, automate systems, and drive projects to completion. You will collaborate across teams and participate in on-call rotations while using various technologies including Golang and Docker.
Top Skills:
Amazon EcsAnsibleChefDockerGoKubernetesLightstepNew RelicNomadPrometheusPuppetRubyScalaSentryTerraform
Digital Media • Gaming • Information Technology • Software • Sports • Esports • Big Data Analytics
The VIP Services Representative enhances player experiences and engagement, executing VIP strategies and building relationships with top customers.
What you need to know about the Colorado Tech Scene
With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
