Manager, IT Risk & Compliance

. Lead enterprise-wide governance for frameworks and regulations including NIST 800-171, DFARS, and CMMC.

Posted 4/20/2026full-timeRemote • Minnesota • 🇺🇸 United StatesMid-LevelSenior💰 $107,000 - $147,000 per yearWebsite

Tools & technologies

Cyber SecurityPMP

Key responsibilities & impact

Lead enterprise-wide governance for frameworks and regulations including NIST 800-171, DFARS, and CMMC.
Drive organizational readiness and successful execution of CMMC Level 2 assessments across Aerospace & Defense (A&D) sites.
Oversee the full lifecycle of internal and external IT audits.
Implement and manage the enterprise GRC platform to centralize compliance tracking, POA&M management, and risk reporting.
Define and enforce access control standards.
Direct the development and maintenance of System Security Plans (SSPs).
Partner with site-level IT teams to identify vulnerabilities and embed security controls into business processes.
Lead cross-functional security and compliance initiatives.

What you’ll need

5–7+ years of experience in IT Security, Risk Management, or Compliance, preferably in manufacturing or defense environments
Strong working knowledge of NIST 800-171, CMMC, ITAR, and GDPR
Preferred Certifications: CMMC Certified Professional (CCP) (highly preferred), CMMC Certified Assessor (CCA), CISSP, CISA, ISO/IEC 27001 Lead Auditor, or PMP.
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Comp & perks

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

IT SecurityRisk ManagementComplianceNIST 800-171CMMCITARGDPRSystem Security PlansAccess Control StandardsGRC platform management

Soft Skills

leadershiporganizational readinesscross-functional collaborationcommunication

Certifications

CMMC Certified Professional (CCP)CMMC Certified Assessor (CCA)CISSPCISAISO/IEC 27001 Lead AuditorPMP