GRC Administrator and Developer
Posted
PSR Associates is a consulting and talent solutions firm that connects qualified IT professionals with great opportunities. Whether you're looking for a contract or permanent position, we can help you find the right fit for your skills and experience. We have a team of experienced recruiters who know the IT industry inside and out, and we work with you every step of the way to ensure a smooth and successful transition. PSR Connecting Talent, Crafting Success.
GRC Administrator and Developer
We are seeking a GRC Administrator and Developer to join our team. The selected candidate will work a hybrid schedule consisting of two (2) days each week onsite in Lansing, MI and three days each week remotely.Position Summary: This position is part of a collaborative team of information technology professionals dedicated to supporting a state government agency s mission and goals. The role focuses on maintaining and enhancing a web-based Governance, Risk, and Compliance (GRC) tool (Navex IRM, formerly Keylight). Responsibilities include administration, development, troubleshooting, and implementing new functionality. The position may also involve working on new development projects, testing, documentation, and cross-team collaboration with state cybersecurity, internal audit, office of the chief technology officer, and enterprise project management teams. Key Responsibilities
***Please note that any false information on your resume or application could lead to the offer being withdrawn or even termination after hire.***
GRC Administrator and Developer
We are seeking a GRC Administrator and Developer to join our team. The selected candidate will work a hybrid schedule consisting of two (2) days each week onsite in Lansing, MI and three days each week remotely.Position Summary: This position is part of a collaborative team of information technology professionals dedicated to supporting a state government agency s mission and goals. The role focuses on maintaining and enhancing a web-based Governance, Risk, and Compliance (GRC) tool (Navex IRM, formerly Keylight). Responsibilities include administration, development, troubleshooting, and implementing new functionality. The position may also involve working on new development projects, testing, documentation, and cross-team collaboration with state cybersecurity, internal audit, office of the chief technology officer, and enterprise project management teams. Key Responsibilities
- Serve as the primary administrator and developer for the State of Michigan s GRC tool (Navex IRM).
- Collaborate closely with stakeholders to understand security and compliance requirements and design tailored automation solutions.
- Lead automation initiatives for security accreditation processes, including evidence collection, workflow routing, and control reviews to reduce manual effort.
- Design and implement unified security controls frameworks aligned with State of Michigan Standards and integrate CJIS v6.0, IRS 1075, PCI (SAQ A, SAQ A-EP), and ARC-AMPE standards.
- Develop and maintain Python API modules and automation scripts to import and update compliance controls, integrate CMDB, vulnerability data, and audit evidence for continuous monitoring.
- Work cross-functionally with IT, security, and business teams to ingest structured data (JSON, CSV) into the GRC tool and maintain centralized Azure Repos for source control and documentation.
- Integrate with RESTful APIs to automate data imports, exports, and reporting in JSON and CSV formats.
- Troubleshoot issues, identify solutions, and ensure timely resolution.
- Maintain and update system and project documentation (Azure repositories, SharePoint).
- Communicate with Navex IRM regarding software issues, maintenance, and upgrades.
- Analyze GRC issues/incidents to identify root causes and work with vendor support to implement solutions.
- Participate in development activities, including testing, implementation, and documentation.
- Perform other duties as assigned.
- Python programming experience
- Experience developing automation scripts and API integrations (RESTful APIs)
- General knowledge of database design
- Basic programming skills in Java or C#
- Familiarity with DevOps practices and Risk Management concepts
- Experience with Agile methodology (e.g., sprints)
- Strong troubleshooting and problem-solving skills
- Excellent communication and collaboration abilities
- Experience with automated testing
- Knowledge of any GRC tool (Navex IRM experience is a plus)
- Understanding of governance, risk, and compliance frameworks
- Experience with security frameworks such as CJIS, IRS 1075, PCI, ARC-AMPE
- Python programming (primary requirement) 2-3+ years
- API integration and automation experience 1-2+ years
- Agile methodology experience 1-2+ years
- Risk Management knowledge 1-2+ years
- Database design expertise 2-3+ years
- GRC tool familiarity (preferred) 1-2+ years
***Please note that any false information on your resume or application could lead to the offer being withdrawn or even termination after hire.***
