GRC Administrator and Developer

Title: GRC Administrator and Developer Location: Lansing, MI - Hybrid Rate: $45/Hr Note: This position is a contract on W2, and is NOT open to C2C . Position Summa ryThis position is part of a collaborative team of information technology professionals dedicated to supporting the agency’s mission and goals. The role focuses on maintaining and enhancing the client’s Web-based Governance, Risk, and Compliance (GRC) tool, Navex IRM (formerly Keylight). Responsibilities include administration, development, troubleshooting, and implementing new functionality. The position may also involve working on new development projects, testing, documentation, and cross-team collaboration with Michigan Cyber Security, Office of Internal Audit Systems, Office of the Chief Technology Officer, and the Enterprise Project Management Offic e. Key Responsibilit • iesServe as the primary administrator and developer for the client’s GRC tool (Navex IR • M).Collaborate closely with stakeholders to understand security and compliance requirements and design tailored automation solutio • ns.Lead automation initiatives for security accreditation processes, including evidence collection, workflow routing, and control reviews to reduce manual effo • rt.Design and implement unified security controls frameworks aligned with client Standards and integrate CJIS v6.0, IRS 1075, PCI (SAQ A, SAQ A-EP), and ARC-AMPE standar • ds.Develop and maintain Python API modules and automation scripts to import and update compliance controls, integrate CMDB, vulnerability data, and audit evidence for continuous monitori • ng.Work cross-functionally with IT, security, and business teams to ingest structured data (JSON, CSV) into the GRC tool and maintain centralized Azure Repos for source control and documentati • on.Integrate with RESTful APIs to automate data imports, exports, and reporting in JSON and CSV forma • ts.Troubleshoot issues, identify solutions, and ensure timely resoluti • on.Maintain and update system and project documentation (Azure repositories, SharePoin • t).Communicate with Navex IRM regarding software issues, maintenance, and upgrad • es.Analyze GRC issues/incidents to identify root causes and work with vendor support to implement solutio • ns.Participate in development activities, including testing, implementation, and documentati • on.Perform other duties as assign ed. Required Skills and Qualificat • ionsPython programming experi • enceExperience developing automation scripts and API integrations (RESTful A • PIs)General knowledge of database de • signBasic programming skills in Java o • r C#Familiarity with DevOps practices and Risk Management conc • eptsExperience with Agile methodology (e.g., spri • nts)Strong troubleshooting and problem-solving sk • illsExcellent communication and collaboration abili ties Preferred S • killsExperience with automated te • stingKnowledge of any GRC tool (Navex IRM experience is a • plus)Understanding of governance, risk, and compliance frame • worksExperience with security frameworks such as CJIS, IRS 1075, PCI, ARC -AMPE Top Skills S • ummaryPython programming (primary requirement) – 2-3+ • yearsAPI integration and automation experience – 1-2+ • yearsAgile methodology experience – 1-2+ • yearsRisk Management knowledge – 1-2+ • yearsDatabase design expertise – 2-3+ • yearsGRC tool familiarity (preferred) – 1-2+ years