Business Analyst 5

Shiro App

Lansing, MI
Posted March 30, 2026
Full-time, Hybrid, Mid-level, 1099, C2C, Corp-to-Corp

Required Skills

Cybersecurity, CJIS, NIST, FERPA, FOIA, PSPs, POAMs

Work Authorization

US Citizen, Green Card, H1B, Green Card EAD, CPT, TN Visa, L2 EAD, C2C, C2H, Hybrid, Hybrid-OnSite

We are seeking a detail-oriented IT Risk & Compliance Analyst to support enterprise security policy, risk management, and compliance initiatives. This role focuses on developing and aligning policies, standards, and procedures (PSPs) with regulatory frameworks, addressing audit findings, and supporting security accreditation processes. The ideal candidate will have experience working with government or regulated environments and a strong understanding of security frameworks and risk mitigation strategies.

Key Responsibilities

Risk & Compliance Management

  • Develop and implement security policies, standards, and procedures (PSPs) aligned with regulatory frameworks
  • Identify and address audit gaps through risk-based recommendations and mitigation plans
  • Support the Security Accreditation Process and align policies with Plan of Action & Milestones (POAMs)
  • Review and analyze existing policies to improve alignment and reduce enterprise burden

Policy Governance & Optimization

  • Manage and streamline policy lifecycle processes
  • Evaluate impacts of policy changes and ensure proper implementation
  • Promote consistency and alignment across organizational security policies

Stakeholder Collaboration

  • Facilitate cross-functional meetings to drive consensus on security policies
  • Partner with Information Security Officers (ISO) and compliance teams
  • Communicate and socialize security policies across the organization
  • Gather feedback and ensure effective adoption of governance practices

Security & Compliance Support

  • Support application security scanning efforts and compliance tracking
  • Assist with development and maintenance of System Security Plans (SSPs)
  • Monitor and report on compliance posture and risk exposure

Required Qualifications

  • Bachelor’s degree in Information Technology, Cybersecurity, or a related field
  • 1–2+ years of experience with each of the following:
      • CJIS (Criminal Justice Information Services)
      • NIST frameworks
      • FERPA compliance
      • FOIA requirements
      • Keylight (risk/compliance platform)
      • System Security Plans (SSPs)
      • Application security scanning tools
      • Plan of Action & Milestones (POAMs)
  • Strong understanding of risk management and compliance frameworks

Key Skills

  • Risk Analysis & Mitigation
  • Security Policy Development & Governance
  • Compliance Frameworks (CJIS, NIST, FERPA, FOIA)
  • POAM & Audit Remediation
  • Application Security & SSP Documentation
  • Stakeholder Communication & Facilitation
  • Process Improvement & Documentation

Soft Skills

  • Excellent communication and stakeholder engagement skills
  • Strong organizational and analytical abilities
  • Customer-focused mindset with attention to detail
  • Ability to manage multiple priorities in a fast-paced environment