GRC Administrator and Developer

Job Title: - Programmer 3 - GRC Administrator and Developer Location: - Lansing, MI (Hybrid) Duration: - 1 Year with possible to extension Description: Top Skills & Years of Experience: • Python programming (primary requirement) – 2-3+ years • API integration and automation experience – 1-2+ years • Agile methodology experience – 1-2+ years • Risk Management knowledge – 1-2+ years • Database design expertise – 2-3+ years • GRC tool familiarity (preferred) – 1-2+ years Key Responsibilities: • Serve as the primary administrator and developer for the SOM GRC tool (Navex IRM). • Collaborate closely with stakeholders to understand security and compliance requirements and design tailored automation solutions. • Lead automation initiatives for security accreditation processes, including evidence collection, workflow routing, and control reviews to reduce manual effort. • Design and implement unified security controls frameworks aligned with State of Michigan Standards and integrate CJIS v6.0, IRS 1075, PCI (SAQ A, SAQ A-EP), and ARC-AMPE standards. • Develop and maintain Python API modules and automation scripts to import and update compliance controls, integrate CMDB, vulnerability data, and audit evidence for continuous monitoring. • Work cross-functionally with IT, security, and business teams to ingest structured data (JSON, CSV) into the GRC tool and maintain centralized Azure Repos for source control and documentation. • Integrate with RESTful APIs to automate data imports, exports, and reporting in JSON and CSV formats. • Troubleshoot issues, identify solutions, and ensure timely resolution. • Maintain and update system and project documentation (Azure repositories, SharePoint). • Communicate with Navex IRM regarding software issues, maintenance, and upgrades. • Analyze GRC issues/incidents to identify root causes and work with vendor support to implement solutions. • Participate in development activities, including testing, implementation, and documentation. • Perform other duties as assigned. Required Skills and Qualifications: • Python programming experience • Experience developing automation scripts and API integrations (RESTful APIs) • General knowledge of database design • Basic programming skills in Java or C# • Familiarity with DevOps practices and Risk Management concepts • Experience with Agile methodology (e.g., sprints) • Strong troubleshooting and problem-solving skills • Excellent communication and collaboration abilities Preferred Skills: • Experience with automated testing • Knowledge of any GRC tool (Navex IRM experience is a plus) • Understanding of governance, risk, and compliance frameworks • Experience with security frameworks such as CJIS, IRS 1075, PCI, ARC-AMPE