
Governance, Risk, and Compliance (GRC) Subject Matter Expert

RELI Group, Inc.
$210,000.00 to $310,000.00
United States, Maryland, Windsor Mill
7125 Ambassador Rd
Jul 23, 2025
Job Details
Job Location
Windsor Mill, MD
Remote Type
Fully Remote
Position Type
Full Time
Education Level
4 Year Degree
 
Description

About Us:

At RELI Group, our work is grounded in purpose. We partner with government agencies to solve complex challenges, improve public health, strengthen national security, and make government services more effective and efficient. Our team of over 500 professionals brings deep expertise and a shared commitment to delivering meaningful outcomes. Behind every solution is a group of experts who care deeply about impact, whether we're supporting data-driven decisions, modernizing systems, or safeguarding critical programs.

Position Summary:

RELI Group is seeking a skilled Governance, Risk, and Compliance (GRC) Subject Matter Expert (SME) to support the execution of the Information Security and Privacy Services (ISPS) under the Marketplace System Security and Privacy Support Services (MSSPSS) contract for the Centers for Medicare & Medicaid Services (CMS), Center for Consumer Information and Insurance Oversight (CCIIO). This role will support Task 7 and be responsible for interpreting federal security and privacy requirements, aligning governance frameworks, and operationalizing CMS Acceptable Risk Safeguards (ARS), NIST frameworks, and CCIIO-specific compliance programs. The GRC SME will work closely with RELI's program team, CMS stakeholders, and technical specialists to provide regulatory alignment, risk assessments, and compliance implementation across the ACA and NST mission systems.

Responsibilities:
  • Interpret and operationalize CMS, HHS, NIST, OMB, and CISA cybersecurity and privacy policies and frameworks across ACA/NST programs
  • Support the development and enhancement of governance structures, internal controls, and compliance procedures based on CMS IS2P2, ARS 5.0, and the Risk Management Framework (RMF)
  • Perform gap assessments, compliance evaluations, and audit-readiness support for ACA and NST systems and partner entities
  • Develop and update governance artifacts, policies, SOPs, training materials, risk registers, and compliance matrices
  • Support agreement reviews (e.g., ISAs, IEAs, CMAs) and assist in mapping required compliance actions and updates
  • Collaborate with Privacy Analysts, Security Strategists, and Data/BAM Specialists to ensure integrated and consistent GRC implementation
  • Translate changes in federal regulations into actionable guidance for program stakeholders
  • Participate in project work planning, deliverable development (e.g., QAP, PMP), and reporting on GRC metrics to CMS leadership
  • Provide expert input on strategic planning documents, risk remediation activities, and internal quality assurance

Qualifications:

  • Bachelor's degree in Cybersecurity, Public Policy, Information Systems, or a related field
  • 6+ years of experience in cybersecurity compliance, risk management, or federal IT governance roles
  • Deep understanding of NIST SP 800-53, 800-30, 800-37, and the Risk Management Framework (RMF)
  • Experience working with CMS Acceptable Risk Safeguards (ARS 5.0), IS2P2, and CMS TRA
  • Demonstrated success supporting federal healthcare programs with security and privacy compliance responsibilities
  • Familiarity with FedRAMP, FISMA, and federal data protection laws (e.g., Privacy Act, HIPAA, FTI handling)
  • Excellent documentation, communication, and cross-team collaboration skills

Preferred Qualifications:

  • Experience with CMS CCIIO Marketplace systems or ACA-related programs
  • Knowledge of the CMS Target Lifecycle (TLC) and associated system documentation
  • Experience contributing to the development of Quality Assurance Plans, training guides, and compliance playbooks
  • GRC certifications such as CGRC (CAP), CIPP/G, or CRISC
  • Experience developing dashboards or metrics for BAM, POA&M tracking, or risk posture assessments
EEO Employer:

RELI Group is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.

HUBZone:

We encourage all candidates who live in a HUBZone to apply. You can check to see if your address is located in a HUBZone by accessing the SBA HUBZone Map.

The annual salary range for this position is $210,000.00 to $310,000.00. Actual compensation will depend on a range of factors, including but not limited to the individual's skills, experience, qualifications, certifications, location, other business and organizational needs, and applicable employment laws. The estimate displayed represents the typical salary range for this position and is just one component of the total compensation package for employees. RELI Group provides a variety of additional benefits to its employees. For additional details on the benefits that RELI Group offers, click here.