Archer GRC Developer

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a "work hard, play hard" mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation's critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we're looking for:

We are seeking an Archer GRC Developer with expertise in configuring, developing, and maintaining RSA Archer solutions to support Governance, Risk, and Compliance (GRC) initiatives. The ideal candidate will have strong technical capabilities in Archer development, data integration, risk automation, and compliance alignment with federal security frameworks. The Archer GRC Developer role requires hands-on experience in configuring Archer applications, designing workflows, and optimizing risk and compliance processes while ensuring system stability and performance. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market.

What you'll be doing:

• Develop and enhance Archer applications to support SOC incident tracking, POA&M management, and A&A lifecycle monitoring.
• Configure and optimize Archer questionnaires.
• Ensure Archer solutions align with NIST 800-53, 800-37, 800-30, and FISMA requirements, enhancing risk analysis and compliance efforts.
• Lead the design, development, and configuration of core and on-demand applications, enabling custom workflows for security and risk teams.
• Develop and integrate data feeds from internal and external sources, ensuring real-time risk assessments and compliance tracking.
• Collaborate with cross-functional teams, including infrastructure, security, and project management, to ensure smooth Archer implementation and compliance alignment.
• Work closely with infrastructure teams to facilitate necessary configurations (e.g., x.509 certificates) while ensuring Archer platform security and performance compliance.
• Design interactive dashboards and reports, providing CISO, CIO, and stakeholders with critical risk insights.
• Initiate and manage change requests for Archer server updates, SQL Server configurations, and OS maintenance, ensuring seamless platform operations.
• Perform hands-on Archer server configuration in development environments, documenting changes for consistency across test and production.
• Oversee platform upgrades, patching, and post-installation validations, maintaining system stability and compliance with security policies.
• Troubleshoot and resolve Archer application issues, working closely with end-users, DBAs, and infrastructure teams.
• Work with business and security teams to gather requirements and ensure Archer implementations meet evolving risk management needs.
• Provide regular status updates to project managers and refine Archer solutions based on iterative customer feedback and evolving risk management needs.
• Provide training and documentation for end-users, ensuring proper adoption and best practices across Archer applications.
• Support risk committee reporting, issues management oversight, and vendor risk assessments for efficient GRC operations.
• Identify and implement process improvements, leveraging Archer automation capabilities to enhance risk and compliance workflows.
• Maintain ongoing communication with Archer vendor support, ensuring timely issue resolution and platform enhancements.
• Assist in the integration of Archer audit logs with Splunk, generating executive-level security reports for improved monitoring.

What you need to know:

• Strong experience in Archer GRC platform development, configuration, and administration.
• Proficiency in designing, developing, and integrating Archer applications with existing security and compliance programs.
• Strong experience with Archer's advanced workflow and questionnaire capabilities.
• Knowledge of NIST 800-series frameworks (800-53, 800-37, 800-30) and their application to risk management and compliance initiatives.
• Hands-on experience with Windows Server and SQL Server administration related to Archer configuration and performance tuning.
• Experience in automating risk acceptance processes, POA&M tracking, and A&A workflows within Archer.
• Ability to create custom dashboards, reports, and workflows for improved GRC visibility and efficiency.
• Understanding of data integration methods to connect Archer with third-party risk management tools and data sources.
• Strong troubleshooting skills to analyze and resolve technical issues in Archer, databases, and web server integrations.
• Familiarity with Splunk integration for Archer audit log monitoring.
• Strong ability to document configurations, workflows, and system updates for repeatability and compliance best practices.
• Excellent communication and stakeholder engagement skills to align Archer solutions with business and security requirements.

Must have's:

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
• 8+ years of relevant experience in of software development experience.
• Demonstrated ability to apply critical thinking to develop undefined tasks into actionable processes and work streams.
• Strong experience with Archer's advanced workflow and questionnaire capabilities.
• Hands-on experience in developing Archer applications, integrating risk data feeds, and automating GRC processes.
• Experience working in federal security and compliance environments, aligning Archer solutions with FISMA and NIST frameworks.
• Proficiency in designing and configuring core and on-demand Archer applications, including workflow automation and data integrations.
• Strong troubleshooting skills to diagnose and resolve Archer application issues, database connectivity problems, and web server integrations.
• Experience in integrating Archer with external systems via data feeds, imports, and APIs.
• Knowledge of Archer access control, role-based security, and compliance-driven configurations.
• Familiarity with Windows Server and SQL Server administration as it relates to Archer configuration and performance tuning.
• Ability to develop and maintain Archer dashboards and reports to provide executives with actionable security and risk insights.
• S. citizenship required in compliance with federal contract requirements.

Beneficial to have the following:

• Relevant certifications such as: CISSP, CISA and CISM.
• Experience with Excel VBA macros for data normalization in POA&M reporting.

Where it's done:

• Remote (Herndon, VA).