
Senior Cybersecurity, Compliance Manager
Mythics, LLC
full-time
Location Type: Office
Location: 🇺🇸 United States
Job Level
Senior
Tech Stack
Cloud, Cyber Security
About the role
- The Senior Cybersecurity and Compliance Manager is responsible for establishing, managing, and continuously improving the company’s internal information security, cybersecurity compliance, and risk management programs.
- Develop and execute a corporate cybersecurity strategy aligned with business objectives, risk appetite, regulatory requirements, and government contracting obligations.
- Lead the internal security function, including security engineering, security operations, governance, and privacy alignment.
- Advise the General Counsel and executive leadership team on cyber risk, compliance exposure, and major security decisions.
- Provide regular reporting to executive leadership, the CEO, and the Board on security posture, risks, incidents, and compliance programs.
- Responsible for corporate compliance with all government and industry cybersecurity frameworks:
- Oversee the internal Information Security Management System (ISMS) and maintain certification readiness.
- Lead internal audits, evidence collection, POA&M management, and continuous monitoring.
- Ensure all contractual cybersecurity clauses and flow-downs are properly implemented across the organization.
- Lead enterprise security operations, including vulnerability scanning and remediation, endpoint and mobile device security, network and cloud security, identity and access management (IAM), and the incident detection and response program.
Requirements
- Bachelor’s degree in cybersecurity, information technology, business, or related discipline and/or equivalent work experience
- 8+ years of experience in cybersecurity and information security roles
- Direct experience managing internal cybersecurity programs within a government contracting, technology, or professional services organization
- Expert-level knowledge of NIST SP 800-171, CMMC, ISO/IEC 27001:2022, DFARS, FAR, and federal agency cybersecurity requirements, state and local government security expectations, and PCI-DSS (where applicable)
- Proven ability to lead internal incident response, risk management, and enterprise GRC programs
- Senior leader-level communication and ability to articulate cybersecurity risk to legal, operational, and business leaders
- Strong decision making, judgment, and ability to prioritize risk in a business-focused environment
- Integrity, confidentiality, and composure in handling sensitive or high-impact matters
- Deep understanding of federal, state, and local government contracting cybersecurity requirements
- Preferred certifications: CISSP, CISM, CRISC or CGEIT; PCI ISA/QSA experience beneficial
Benefits
- Comprehensive Health, Dental, and Vision plans
- Premier 401k retirement plan with corporate matching and a 529 college saving plan
- Tax-advantaged Health Savings Account and Dependent Care Flexible Spending Account options
- Legal Resources
- Unlock Exclusive Benefits for Full-Time Employees: Generous work/life balance opportunities supported by a PTO bank, paid holidays, leave programs and additional flex time off
- Employee referral program
- Employee recognition, gift and reward program
- Tuition reimbursement for continuing education
- Remote or hybrid work options
- Engaging company events such as team building activities, annual awards and kick-off parties
- Health and wellness-focused activities
- Relaxation Spaces
- In-office gourmet coffee, tea, fresh fruit and healthy snacks
- Corporate GREEN approach – tracking energy consumption for reduction and purchasing only environmentally friendly products for our offices
Applicant Tracking System Keywords
Hard skills
cybersecurity, risk management, security engineering, security operations, vulnerability scanning, incident detection and response, identity and access management, compliance programs, internal audits, evidence collection
Soft skills
communication, decision making, judgment, prioritization, integrity, confidentiality, composure, leadership, advisory skills, articulation of risk
Certifications
CISSP, CISM, CRISC, CGEIT, PCI ISA, QSA