Governance, Risk, and Compliance (GRC) Analyst (1042) - Department of Technology Application Opening: Wednesday, October 15, 2025. Application Deadline: Wednesday, October 29, 2025, 11:59 PM PST. About Department of Technology Department of Technology (DT) is the centralized technology services provider for the City and County of San Francisco. DT delivers critical infrastructure and services to over 33,000 employees, supporting public safety, municipal broadband, cybersecurity, cloud solutions, and more. With a $140M+ annual budget and a team of 300+ experts, DT is leading the charge in digital transformation. Core Areas of IT Excellence IT Project Management Office Enterprise Application Services Cloud Center of Excellence IT Operations and Support including the Service Desk and NOC City Infrastructure including the Network, Telcom and Data Centers Office of Cybersecurity including Cyber Defense, Identity Management and Disaster Recovery Public Safety Systems and Municipal Broadband Fiber SFGovTV Broadcasting Services IT Finance and Administration Services Emerging Technologies Job Description The City and County of San Francisco (City) is excited to be hiring a Governance, Risk, and Compliance (GRC) security analyst. The analyst will support a critical function of the Office of Cybersecurity that will be directly responsible for reducing risks posed to the City. The analyst will be tasked with the important role of identifying, assessing, controlling, and monitoring risks through the Citywide enterprise. They will gain firsthand experience supporting and maturing a GRC program. Responsibilities Perform cyber risk assessments against City cybersecurity requirements. Conduct Vendor Risk Assessments to assess security posture of vendors. Support the cyber awareness training and education program, including phishing simulations. Track and monitor risk mitigation plans. Develop routine reports in accordance with GRC metrics. Coordinate with technology and business groups to assess, implement, and monitor IT-related security risks/hazards. Conduct technical research to aid in threat assessment or risk mitigation activities. Perform assessments of adherence to standards. Perform review of policies and supporting procedures/processes. Stay on top of changes in the industry as it relates to security. Qualifications Minimum Qualifications Associate degree in Computer Science, Computer Engineering, Information Systems, or a closely related field (or equivalent). Minimum 60 semester or 90 quarter credits. One (1) year of experience analyzing, installing, configuring, enhancing, and/or maintaining the components of an enterprise network. Additional work experience may substitute for the required degree on a year‑for‑year basis (up to two years). Desirable Qualifications 1‑2 years working in a cyber GRC type role. Risk Analytics experience within IT. Familiar with cybersecurity frameworks (NIST CSF/RMF, NIST 800‑53, FedRAMP, etc). Familiar with security standards (HIPAA, PCI‑DSS, etc). Familiar with vendor risk management assessments (SOC2, CAIQ, etc). Comfortable having a technical discussion. Proficient in Excel or similar. Ability to define and communicate risk in business‑relevant language. Excellent verbal and written communication skills. Comfortable with quantitative risk management, FAIR. Familiar with GRC platforms (SNOW, LogicGate, OneTrust, etc). Possess security certifications (Security+, CISA, CISM, CRISC, etc). Preferred skills in SharePoint and reporting services. Familiar with privacy concepts. Benefits Competitive pay, benefits, and retirement options. Career growth opportunities through training, internal mobility, and subsidized education. Diverse work environment in a diverse city. Hybrid work schedule. EEO and Diversity Statement The City and County of San Francisco encourages women, minorities, and persons with disabilities to apply. Applicants will be considered regardless of sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition, HIV/AIDS status, genetic information, marital status, sexual orientation, gender identity, gender expression, military and veteran status, or other protected category under the law. How to Apply Applications for City and County of San Francisco jobs are only accepted through an online process. Visit and begin the application process. #J-18808-Ljbffr City and County of San Francisco
Description This position is a Construction Inspector - Electrical Inspector role based onsite at LAX for the next five years... ..., PMIS, Bluebeam, PM Web, ProCore) Ability to work nights, weekends, or variable shifts as required by project demands Must have a vehicle...
...Developer (Customer Service Module) Location: Austin, TX, US (3 days onsite) Mode: Fulltime Note: In person interview from any Wipro office location is fine. Relocation is fine as long as candidate is serious to relocate and join onsite day 1. Must Have skills...
...Nightingale Nurses is seeking a travel nurse RN PICU - Pediatric Intensive Care for a travel nursing job in Memphis, Tennessee. Job Description & Requirements ~ Specialty: PICU - Pediatric Intensive Care ~ Discipline: RN ~ Start Date: 10/06/2025~ Duration...
...Setting: Remote Work station provided! Schedule: Days 8a-5p OR Overnight 1a-8a Start Date: ASAP, emergency privilege's available Duration: 52 weeks. May be open to a 26 week agreement. Powerscribe 4.0 and PRCE tech stack Compensation: RVU structure Requirements...
...Full-Time Live-In or Live-Out Nanny Bronxville, NY A loving family in Bronxville, NY is expecting their first baby boy in February 2025and is seeking a full-time nanny to join their household in March 2025 . The ideal candidate will have prior experience working...