Job Specifications
About Pole Star:
Pole Star Defense is a leading provider of maritime domain awareness, maritime security, and fisheries monitoring systems to the government sector. Since 1998, we have pushed the limits of innovation, mitigating growing threats to ships, supply chains, cargo, territorial waters and, most importantly, safety of lives at sea and beyond. Today, we continue to develop and implement pioneering intelligence technologies to protect customer vessels, people, maritime domain, and reputation.
The Opportunity:
The GRC Analyst II is responsible for supporting the implementation, maintenance, and continuous improvement of Pole Star’s Governance, Risk, and Compliance programs. This role ensures organizational adherence to CMMC Level 1 and Level 2, ISO 27001, ISO 9001, NIST SP 800-53, NIST SP 800-171, and other applicable regulatory and contractual cybersecurity requirements. The position requires strong analytical skills, attention to detail, and the ability to interact effectively with technical and non-technical stakeholders.
Responsibilities:
Support compliance activities and control implementation associated with CMMC Level 1 and Level 2, ISO 27001, ISO 9001, NIST SP 800-171, and NIST SP 800-53.
Conduct internal audits, gap analyses, and readiness assessments across assigned compliance frameworks.
Collect and maintain evidence demonstrating ongoing control effectiveness.
Collaborate with IT and Security teams to remediate identified deficiencies and implement control improvements.
Assist in developing, updating, and reviewing compliance documentation to ensure continued audit readiness.
Identity & Access Management (IAM)
Support the IAM governance lifecycle, including user provisioning/deprovisioning, access reviews, entitlement certifications, and privileged access oversight.
Ensure IAM processes meet CMMC, NIST SP 800-53 (AC, IA), and NIST SP 800-171 access control requirements.
Work with IT and Security teams to improve IAM procedures, workflows, and documentation.
Corporate Training & Awareness
Coordinate and manage corporate cybersecurity and compliance training programs in alignment with CMMC, NIST SP 800-53 (AT), and ISO training requirements.
Administer annual and new-hire training, role-based training, and privileged user training.
Support and track phishing awareness campaigns and other user-focused security initiatives.
Maintain complete and accurate training records for internal and external audit purposes.
Required Skills:
2–5 years of experience in Governance, Risk & Compliance, cybersecurity, IT audit, or IAM governance.
Working knowledge of CMMC Level 1 and Level 2, NIST SP 800-53, NIST SP 800-171, ISO 27001, and ISO 9001.
Experience conducting audits, risk assessments, control testing, and maintaining compliance documentation.
Understanding of identity and access governance principles, including RBAC, least privilege, and access recertification processes.
Strong analytical, organizational, and written communication skills.
Additional Skills: (Not Mandatory)
CISA, CMMC RA
Ability to obtain DoD Security Clearance
Education/Certifications:
Bachelor’s degree in cybersecurity, information technology, business administration, or a related field or equivalent experience.
Employee Benefits:
Pole Star offers benefits that are designed to lead an evolving marketplace and encourage a healthy balance between work and life. Highlights of those benefits are listed below:
Medical insurance for employees and their dependents (Premiums are 100% covered by the Company)
Dental and Vision insurance for employees and their dependents (Premiums are 50% covered by the Company)
Life and Disability insurance, Company funded
20 days annual leave
5 days of Wellbeing leave
Up to 5% 401(k) matching
Gym membership subsidy
PTO for Volunteer Day
Refer-a-friend recruitment bonus
Work Schedule Note:
While this position is scheduled for a traditional Monday – Friday work week, our systems run 24/7/365 and as such, you may be expected to perform out-of-hours, on-call support on an as-needed basis. Additional compensation may be available for working on-call, on standby, or during holiday hours.
This is a Public Trust position and requires completion of a State and Federal Criminal History Report (i.e., background check) as well as an FBI Summary History Report. Current and future employment will be contingent upon satisfactory completion of both the Criminal History Report and the FBI Summary History Report.
This position requires use of or access to information subject to the Export Administration Regulations (“EAR”) or the International Traffic in Arms Regulations (“ITAR”). Accordingly, all applicants must be U.S. persons within the meaning of these regulations. Under ITAR, a U.S. person is defined as a U.S. Citizen, U.S. Permanent Resident, or a person who is a protected individual under the Immigration and Naturalization Act (8 U.S.C. 1324b(a)(3)).
Pole Star USA is a U.S. Government contractor.
About the Company
At Pole Star Defense, we develop and implement pioneering maritime intelligence technologies to protect our customers’ vessels, people, maritime domain, and reputation.
Our customizable, secure, and scalable solutions are designed to enable time-critical decisions and mitigate risk across all facets of maritime activity - from the monitoring of territorial waters, to in-depth vessel investigations, SOLAS, and everything in-between.
Our commitment to mission critical government and defense operations enables you to access b...