Copy of GRC Reporting and Metrics Specialist

• About Saliense

Benefits

At Saliense, we are committed to fostering a culture of continuous learning and professional growth. Our employees are encouraged to take on challenging and meaningful work, with ample opportunities for career advancement. We offer competitive compensation and benefits, including:

• 20 Days PTO + 40 Hours of Paid Sick & Safe Time
• 11 Federal Holidays + 2 Corporate Holidays
• Health, Vision, Dental, and Life Insurance
• 401(k) with Tiered Match & 100% Vesting
• Parental Leave for Birthing and Non-Birthing Parents
• Professional Development Reimbursement Program

We believe in empowering our team members to achieve their professional goals while contributing to impactful projects that make a difference. Join us at Saliense and be part of a growing organization dedicated to innovation, collaboration, and excellence. Visit www.saliense.com to learn more. There are many more - connect with us to get a preview of the full benefits package. About The Role

• The GRC Reporting and Metrics Specialist is responsible for developing, maintaining, and enhancing governance, risk, and compliance reporting that provides clear visibility into the organization’s cybersecurity posture. This role designs and delivers automated dashboards and recurring reports using GRC platforms, Power BI, Power Automate, ServiceNow, and other enterprise data sources to track key metrics such as system authorization status, POA&M performance, risk acceptance, and compliance trends. The specialist works closely with technical teams, data owners, and leadership to translate complex security and compliance data into accurate, actionable insights.

A core focus of the role is reducing manual reporting through automation, ensuring data quality and consistency, and continuously improving metrics and dashboards to support informed decision‑making and organizational cybersecurity initiatives.

What You'll Do

• Design, create, and maintain dynamic dashboards using tools like SharePoint, Power BI, Power Automate, and ServiceNow. These dashboards will provide visualizations and metrics on cybersecurity status across the enterprise, systems, and individual programs. You will leverage data from various sources, including the agency's GRC (Governance, Risk, and Compliance) tools, to present clear and concise security information.
• Collaborate with cross-functional teams to gather and analyze requirements
• Produce and deliver recurring weekly and monthly reports on the security status of all existing and new systems. These reports will include key metrics such as system authorization status, POA&M (Plan of Action and Milestones) details, and risk acceptance status. You will also be responsible for creating ad-hoc reports as requested by leadership.
• Work closely with various stakeholders, including data providers, end-users, and leadership, to understand their reporting needs.
• You will present proposed dashboards and reports for review and approval, incorporating feedback to ensure all deliverables are accurate and effective.
• Identify opportunities for automation to reduce manual reporting efforts. You will continuously update and improve dashboards and reports to ensure they are integrated with the agency’s initiatives and technology infrastructure, thereby increasing efficiency and minimizing the time required to generate reports.
• Ensure solutions are scalable, secure, and maintainable
• Participate in Agile Development processes, including sprint planning, daily stand-ups, and retrospectives

Qualifications

• Four (4)+ years of experience in listed tasks
• Master’s degree
• Demonstrated proficiency in developing, designing, and maintaining dashboards and reports using data visualization tools such as Power BI.
• Experience with Power Automate for automating workflows and data collection.
• Familiarity with the ServiceNow platform, particularly its reporting and dashboarding capabilities.
• Proficiency in collecting, analyzing, and interpreting data from various sources to produce actionable reports.
• Proven experience in a role focused on cybersecurity, IT, or a related field, with a strong emphasis on reporting and metrics.
• Solid understanding of cybersecurity concepts, terminology, and frameworks, including system authorization status, POA&Ms, and risk acceptance.
• Experience working with common GRC tools and understanding how to extract and utilize data from them.
• Excellent collaboration and communication skills, with the ability to work effectively with technical and non-technical stakeholders, including