Dayforce is a global human capital management (HCM) company headquartered in Toronto, Ontario, and Minneapolis, Minnesota, with operations across North America, Europe, Middle East, Africa (EMEA), and the Asia Pacific Japan (APJ) region.
Our award-winning Cloud HCM platform offers a unified solution database and continuous calculation engine, driving efficiency, productivity and compliance for the global workforce.
Our brand promise - Makes Work Life Better™ - Reflects our commitment to employees, customers, partners and communities globally.
Citizenship Requirement for US Candidates: • Must be a US citizen About the opportunity We’re looking for a GRC Analyst to help ensure our cloud services meet key public sector security and compliance standards (including FedRAMP and PBMM). In this role, you’ll play a critical part in enabling government customers to securely and confidently use our platform. You’ll work across engineering, security, and compliance teams to support audits, maintain authorization status, and continuously improve our security posture. What you’ll get to do Support FedRAMP & NIST Compliance • Support authorization, compliance, and continuous monitoring activities • Interpret and apply security controls and control enhancements • Keep key documentation up to date, including system security plans, policies, and control descriptions • Track compliance against established baselines (Low / Moderate / High) Partner on audits and assessments Work cross-functionally to ensure we’re always audit-ready: • Coordinate and support third-party audits (including 3PAO assessments) • Gather and review evidence from engineering, infrastructure, and operations teams • Respond to auditor questions and information requests • Help track remediation efforts and support closure of identified gaps • Contribute to annual assessments, penetration test reviews, and vulnerability reporting Contribute to continuous monitoring Help maintain a strong and consistent compliance posture by: • Supporting monthly FedRAMP continuous monitoring activities • Reviewing vulnerability scans and tracking remediation progress • Coordinating incident reporting and change management impacts • Ensuring changes follow approved compliance processes • Identifying and escalating potential compliance risks Collaborate across teams You’ll act as a bridge between technical and non-technical stakeholders: • Partner with Cloud Engineering, DevOps, Security Operations, Legal, and Product teams • Translate technical controls into clear, audit-ready documentation • Support internal reporting and briefings on compliance status and risk Support governance and documentation • Maintain organized compliance evidence repositories • Assist with internal audits and readiness assessments • Contribute to updates of policies and standards aligned to federal requirements • Support responses to customer and government security questionnaires Skills and Experiences we value We’re looking for someone who brings a mix of the following: • Experience in GRC, cybersecurity compliance, or audit support (typically 2+ years) • Familiarity with frameworks such as FedRAMP, NIST SP 800-53, or similar compliance programs • Experience working with auditors or assessment organizations (e.g., 3PAOs) is a plus • Exposure to cloud environments such as AWS or Azure You’ll also likely have experience or interest in: • The FedRAMP lifecycle and continuous monitoring processes • NIST 800-53 control families • POA&M management and risk tracking • Analyzing technical controls and clearly documenting compliance • Working with compliance or GRC tools, ticketing systems, or evidence repositories Who you are • You enjoy bringing structure and clarity to complex requirements • You’re detail-oriented but can also see the bigger picture • You’re comfortable collaborating across technical and non-technical teams • You communicate clearly, especially when working with documentation and evidence • You’re proactive and curious, with a mindset of continuous improvement
What’s in it for you Dayforce is fueled by the diversity of our talented employees. We are an equal opportunity employer and consider and embrace ALL individuals and what makes them unique. We believe our employees should be happy and healthy, with peace of mind and a sense of fulfillment. We encourage individuals to apply based on their passions. Dayforce encourages personal and professional growth. We offer excellent time away from work programs, comprehensive wellness initiatives and recognition through competitive pay and benefits. With a commitment to community impact, including volunteer days and our charity, Dayforce Cares we provide opportunities for you to thrive both in your career and personal life. Our focus is not just on your job but on supporting you to be the best version of yourself. About the Salary Ranges
Please note that the salary range mentioned in this job description should serve simply as a guide. The final compensation offered may vary based on a variety of factors, including bonuses and/or incentives, or a candidate’s experience, skills, budget and location. Our company is committed to providing a fair, equitable, and competitive package that reflects the value an individual brings to the organization. Fraudulent Recruiting Beware of fraudulent recruiting. Legitimate Dayforce contacts will use an @dayforce.com email address. We do not request money, checks, equipment orders, or sensitive personal data during the recruitment process. If you have been asked for any of the above, or believe you have been contacted by someone posing as a Dayforce employee, please refer to our fraudulent recruiting statement found here: https://www.dayforce.com/be-aware-of-recruiting-fraud Dayforce actively monitors all job applications to ensure authenticity. Submissions determined to be fraudulent or misleading will be declined from the recruitment process #LI-Remote
