Programmer 3 - GRC Administrator and Developer

Aroha Technologies
Lansing, Michigan
Full Time

Email Address

Apply Now

Lansing, MI, 48933

Resumes need to be: 4-5 pages

Interview Process: In-person interviews (bringing laptops, headsets, etc. to the interview is not permitted). Candidates MUST be available for an in-person interview.

Duration: 1 year with possible extension

Hybrid: Resource will be working a hybrid schedule. NO REMOTE ONLY OPTION. Will need to be onsite from day 1, two days a week (Mondays and Tuesdays required)

Local candidates ONLY (must be within 1.5 hours from Lansing, MI at time of submission)

References are required for this position. Please include a separate attachment with your submission that includes 2-3 professional references. Each reference should include the name, email, phone number, and their position title/company name.

Top Skills & Years of Experience:

Python programming (primary requirement) 2-3+ years

API integration and automation experience 1-2+ years

Agile methodology experience 1-2+ years

Risk Management knowledge 1-2+ years

Database design expertise 2-3+ years

GRC tool familiarity (preferred) 1-2+ years

Clear and concise written and verbal communication is crucial to success and productivity in this role.

Job Description

Job Title: GRC Administrator and Developer

Position Summary

This position is part of a collaborative team of information technology professionals dedicated to supporting the agency's mission and goals. The role focuses on maintaining and enhancing the State of Michigan's Web-based Governance, Risk, and Compliance (GRC) tool, Navex IRM (formerly Keylight). Responsibilities include administration, development, troubleshooting, and implementing new functionality. The position may also involve working on new development projects, testing, documentation, and cross-team collaboration with Michigan Cyber Security, Office of Internal Audit Systems, Office of the Chief Technology Officer, and the Enterprise Project Management Office.

Key Responsibilities

Serve as the primary administrator and developer for the State of Michigan's GRC tool (Navex IRM).

Collaborate closely with stakeholders to understand security and compliance requirements and design tailored automation solutions.

Lead automation initiatives for security accreditation processes, including evidence collection, workflow routing, and control reviews to reduce manual effort.

Design and implement unified security controls frameworks aligned with State of Michigan Standards and integrate CJIS v6.0, IRS 1075, PCI (SAQ A, SAQ A-EP), and ARC-AMPE standards.

Develop and maintain Python API modules and automation scripts to import and update compliance controls, integrate CMDB, vulnerability data, and audit evidence for continuous monitoring.

Work cross-functionally with IT, security, and business teams to ingest structured data (JSON, CSV) into the GRC tool and maintain centralized Azure Repos for source control and documentation.

Integrate with RESTful APIs to automate data imports, exports, and reporting in JSON and CSV formats.

Troubleshoot issues, identify solutions, and ensure timely resolution.

Maintain and update system and project documentation (Azure repositories, SharePoint).

Communicate with Navex IRM regarding software issues, maintenance, and upgrades.

Analyze GRC issues/incidents to identify root causes and work with vendor support to implement solutions.

Participate in development activities, including testing, implementation, and documentation.

Perform other duties as assigned.

Required Skills and Qualifications

Python programming experience

Experience developing automation scripts and API integrations (RESTful APIs)

General knowledge of database design

Basic programming skills in Java or C#