Salary
💰 $97,750 - $183,340 per year
Tech Stack
Cyber Security, PMP
About the role
- Lead, mentor, and develop a high-performing team of 15-20 cybersecurity analysts specializing in GRC functions (e.g., policy development, risk assessment, internal audit, issues management, security awareness)
- Conduct performance reviews, provide regular feedback, and develop individual development plans for team members
- Delegate tasks, ensure equitable workload distribution, and promote a culture of accountability, proactivity, and excellence within the GRC team
- Oversee the development, implementation, and maintenance of the cybersecurity GRC program in alignment with federal regulations (e.g., FISMA, NIST RMF, FedRAMP), site policies, and industry best practices
- Manage and prioritize multiple GRC initiatives and projects, ensuring timely completion and adherence to scope and budget
- Develop and implement strategic plans for enhancing the cybersecurity GRC posture of customer sites
- Establish and track key performance indicators (KPIs) and metrics to measure the effectiveness of GRC activities and report on contract deliverables
- Identify and implement automation and process improvements to enhance GRC efficiency and effectiveness
- Monitor and ensure adherence to contractual performance requirements and SLAs, and prepare and present regular performance reports to internal leadership and external customer representatives
- Facilitate and support customer-initiated reviews and audits related to cybersecurity contract performance
- Serve as the primary point of contact for cybersecurity GRC matters with internal and external stakeholders, including senior leadership, federal auditors, agency officials, and other site departments
- Communicate complex cybersecurity concepts and risks to non-technical audiences and represent the organization in forums, committees, and working groups
- Perform other duties as assigned
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Management Information Systems, Business Administration, or similar
- 8+ years of relevant work experience, including: 5+ years of progressive experience in cybersecurity
- Management and leadership experience (e.g., manager/supervisor, team lead, project lead, program lead, or similar experiences in a formal or informal leadership capacity)
- In-depth knowledge of federal cybersecurity regulations, frameworks, and guidelines, including but not limited to: Federal Information Security Modernization Act (FISMA); National Institute of Standards and Technology (NIST) Special Publications (e.g., SP 800-53, SP 800-37, SP 800-30); Federal Risk and Authorization Management Program (FedRAMP)
- Familiarity with cybersecurity tools and technologies used for GRC activities (e.g., GRC platforms, vulnerability scanners, security information and event management (SIEM) systems)
- Excellent written and verbal communication skills, with the ability to articulate complex technical concepts to diverse audiences
- Ability to manage multiple priorities and meet deadlines
- Must pass pre-employment background check
- Must pass pre-employment drug screening
- Applicants are required to have REAL ID Act compliant documentation at time of hire and nothing on record that would prohibit them from gaining access to Department of Energy sites
- Required to obtain and maintain a HSPD-12 Personal Identity Verification (PIV) Credential (must successfully complete and pass a federal background check investigation)
- US citizenship required
- Must reside within the US; work cannot be performed from outside the US
- Ability to work approximately 50% remote and 50% in-person at the office and customer locations in Richland, Washington
- Preferred: Master's degree in a relevant field; Relevant professional certifications such as CISSP, CISM, CISA, PMP; Experience working at a large federal civilian agency or national laboratory