Job Title

GOVERNANCE, RISK, & COMPLIANCE ANALYST - 72004167 Date: Apr 13, 2026 The State Personnel System is an E-Verify employer. For more information click on our E-Verify Website (. Requisition No: 873623 Agency: Management Services Working Title: GOVERNANCE, RISK, & COMPLIANCE ANALYST - 72004167 Pay Plan: Career Service Position Number: 72004167 Salary: $70,000 - $95,000 Posting Closing Date: 04/27/2026 Total Compensation Estimator Tool ( Governance, Risk, and Compliance Analyst Florida Digital Service State of Florida Department of Management Services This position is located in Tallahassee, FL The Governance, Risk, & Compliance (GRC) Analyst supports enterprise-wide governance, risk, and compliance functions across data, cybersecurity, project management oversight, and enterprise architecture domains. This role advances statewide Digital Forward initiatives and ensures alignment with FLDS, NIST, and DAMA-DMBOK frameworks. DUTIES & RESPONSIBILITIES: Governance & GRC Program Activities + Support GRC operations across multiple domains (cybersecurity, data governance, enterprise architecture, and project oversight). + Assist in implementation and adoption of a Unified Enterprise GRC Solution, enabling centralized risk tracking, compliance monitoring, and reporting. + Participate in governance activities including development, review, and maintenance of policies, standards, procedures, and guidelines. + Develop and maintain templates, playbooks, and process guides aligned with FLDS requirements, NIST CSF, and DAMA-DMBOK. + Support enterprise governance forums, working groups, and cross-agency collaboration efforts. + Assist in development and delivery of training, awareness materials, and governance documentation. Risk Management & Assessment Activities + Support development, facilitation, and tracking of: o Triennial enterprise cybersecurity risk assessments o Annual agency strategic and operational plans o Risk remediation plans and recommendations + Track risk findings, remediation progress, and maturity improvements across agencies. + Integrate vulnerability, audit, and assessment findings into enterprise risk management processes. + Assist agencies in identifying risks, prioritizing mitigation strategies, and aligning with statewide standards. + Contribute to maturity model assessments that measure agency capability and progress over time. Compliance & Audit Support Activities + Support compliance monitoring and audit readiness across multiple regulatory domains. + Assist with internal and external audits, documentation collection, and remediation tracking. + Analyze compliance against: o FLDS policies and standards o NIST Cybersecurity Framework o DAMA-DMBOK data governance practices + Facilitate coordination with agencies and stakeholders for audit activities and reporting. + Support development of compliance metrics, dashboards, and reporting capabilities. Data Governance & Enterprise Initiatives + Support implementation of a Data Governance Framework that promotes secure data sharing and collaboration. + Assist with development of governance artifacts including: o Data standards o Data sharing agreements o Authoritative data source identification + Contribute to enterprise data maturity assessments and data literacy initiatives. + Support federated governance efforts that balance enterprise oversight with agency autonomy. Digital Forward Initiative Support Support key statewide initiatives including: + Strengthening enterprise cybersecurity maturity through a unified GRC solution + Establishing maturity models for continuous improvement + Implementing secure data sharing and interoperability frameworks + Increasing operational technology (OT) cybersecurity maturity to ensure resilient environments Professional Development & Other Duties + Maintain knowledge of emerging GRC, cybersecurity, data governance, and enterprise architecture practices. + Obtain and maintain relevant certifications and continuing education. + Perform other duties as assigned. + Other duties as required. Knowledge, skills, and abilities, including utilization of equipment, required for the position + Knowledge of governance, risk, and compliance principles across cybersecurity, data, and enterprise IT domains + Familiarity with frameworks such as NIST CSF, NIST 800-53, and DAMA-DMBOK + Ability to analyze risk, compliance, and governance data to support decision-making + Ability to develop policies, standards, and procedural documentation + Strong stakeholder engagement and facilitation skills + Ability to manage multiple initiatives in a fast-paced environment + Strong analytical, organizational, and problem-solving skills MINIMUM QUALIFICATIONS: Education + Experience in governance, risk, compliance, audit, or IT-related functions + Experience working with frameworks such as NIST, ISO, or data governance standards + Ability to support enterprise-level initiatives and cross-functional collaboration Nice to have + Experience with GRC tools or enterprise risk platforms + Experience with public sector governance or statewide IT initiatives + Knowledge of data governance frameworks and practices + Experience supporting audits, risk assessments, or compliance programs Highly Preferred Certifications CISA, GSEC, CISSP-ISSEP, CRISC, CGEIT, DAMA CDMP Preferred Certifications Security+, CISSP, CISM, SSCP, PMI-RMP Desirable education + Bacheloru2019s degree in information systems, cybersecurity, data management, public administration, or related field + Graduate degree preferred. On-the-Job Certification/Training Schedule Within 12 months obtain one of the following professional certifications: CompTIA Security+, ISACA CISA, DAMA CDMP Associate Within 24 months obtain one of the following professional certifications ISC2 CISSP, ISACA CRISC, PMI-RMP, or DAMA CDMP Practitioner Other job-related requirements for this position Criminal background investigation including fingerprinting and statewide and national criminal history records check per Section 110.1127 Florida Statutes, Chapter 435 Florida Statutes, and the Federal Bureau of Investigationu2019s CJIS Security Policy CJISD-ITS-DOC-08140-4.5 Pursuant to F.S. 215.422 every officer or employee who is responsible for the approval or processing of vendorsu2019 invoices or distribution of warrants to vendors are mandated to process, resolve, and comply as section 215.422 requires Ability to sit for extended periods of time. Ability to stand for extended periods of time. Ability to drive and/or fly for long distances. Ability to lift, push and pull up to 30lbs. Our Organization and Mission: Under the direction of Governor Ron DeSantis, Interim Secretary Tom Berger and DMSu2019 Executive Leadership Team, the Florida Department of Management Services (DMS) is a customer-oriented agency with a broad portfolio that includes the efficient use and management of real estate, procurement, human resources, group insurance, retirement, telecommunications, fleet, and federal property assistance programs used throughout Floridau2019s state government. It is against this backdrop that DMS strives to demonstrate its motto, u201cWe serve those who serve Florida.u201d Special Notes: DMS is committed to successfully recruiting and onboarding talented and skilled individuals into its workforce. We recognize the extensive training, experience and transferrable skills that veterans and individuals with disabilities bring to the workforce. Veterans and individuals with disabilities are encouraged to contact our recruiter for guidance and answers to questions through the following provided email addresses: An individual with a disability is qualified if he or she satisfies the skills, experience, and other job related requirements for a position and can perform the essential functions of the position with or without reasonable accommodation. Candidates requiring a reasonable accommodation, as defined by the Americans with Disabilities Act, must contact the DMS Human Resources (HR) Office at (850) 488-2707. DMS requests applicants notify HR in advance to allow sufficient time to provide the accommodation. Criminal background investigation including fingerprinting and statewide and national criminal history records check per Section 110.1127 Florida Statutes, Chapter 435 Florida Statutes and the Federal Bureau of Investigationu2019s CJIS Security Policy CJISD-ITS-DOC-08140. Pursuant to F.S. 215.422 every officer or employee who is responsible for the approval or processing of vendorsu2019 invoices or distribution of warrants to vendors are mandated to process, resolve and comply as section 215.422 requires Candidates requiring a reasonable accommodation, as defined by the Americans with Disabilities Act, must notify the agency hiring authority and/or People First Service Center (1-866-663-4735). Notification to the hiring authority must be made in advance to allow sufficient time to provide the accommodation. The State of Florida supports a Drug-Free workplace. All employees are subject to reasonable suspicion drug testing in accordance with Section 112.0455, F.S., Drug-Free Workplace Act. VETERANSu2019 PREFERENCE. Pursuant to Chapter 295, Florida Statutes, candidates eligible for Veteransu2019 Preference will receive preference in employment for Career Service vacancies and are encouraged to apply. Certain service members may be eligible to receive waivers for postsecondary educational requirements. Candidates claiming Veteransu2019 Preference must attach supporting documentation with each submission that includes character of service (for example, DD Form 214 Member Copy #4) along with any other documentation as required by Rule 55A-7, Florida Administrative Code. Veteransu2019 Preference documentation requirements are available by clickinghere (. All documentation is due by the close of the vacancy announcement. Location: TALLAHASSEE, FL, US, 32399 Nearest Major Market:Tallahassee