Cybersecurity Manager of Compliance

ASRC FederalReston, VA
Hybrid

About The Position

ASRC Federal is looking for detail-oriented and motivated Cybersecurity Manager of Compliance to join our team in a government contracting (GovCon) environment. The management role is: Responsible for: Leading, maturing, and overseeing enterprise cybersecurity compliance programs in DoD contractor environments. Providing strategic oversight for audit readiness, compliance operations, POA&M lifecycle management, documentation accuracy, and the continuous monitoring of compliance obligations across the enterprise. Accountable for ensuring full alignment with CMMC Level 2 and Level 3 requirements, NIST SP 800-171, NIST SP 800-53, NIST SP 800-161 (C-SCRM), risk governance frameworks, and enterprise security policy and procedure development. A full-time hybrid role with 2 days in our Reston, VA office.

Requirements

  • Bachelor’s degree in cybersecurity, information systems, engineering, or equivalent experience.
  • 10+ years of cybersecurity experience with at least 5 years in compliance leadership roles, OR 8+ years of cybersecruity experience with at least 3 years in compliance leadership roles with a Master's degree in cybersecurity or information systems, or related field.
  • Deep understanding of CMMC Level 2 and Level 3 frameworks.
  • Comprehensive knowledge of NIST SP 800-171, NIST SP 800-53, and NIST SP 800-161.
  • Experience in DoD contractor environments managing CUI and DFARS cybersecurity requirements.
  • Experience developing enterprise policies, standards, and procedures.
  • CISM or CISSP certification is required.
  • Strong communication, leadership, and cross-functional collaboration skills.
  • U.S. Citizenship required; ability to obtain and maintain a security clearance may be required depending on contract.

Nice To Haves

  • CCSP, CCP, CCA, CRISC, CAP, CCAK, or CMMC Certified Professional/Assessor.
  • Experience with eMASS, SIEM/SOC tools, and GRC platforms.
  • Experience with supplier cybersecurity assessments and C-SCRM initiatives.

Responsibilities

  • Lead enterprise readiness, execution, and sustainment for CMMC Level 2 and Level 3 certification.
  • Coordinate internal teams, external assessors, and evidence collection activities.
  • Ensure DFARS 252.204-7012, 7019, 7020, and 7021 compliance across programs.
  • Oversee all practices for safeguarding Controlled Unclassified Information (CUI).
  • Maintain SSPs, POA&Ms, and associated cybersecurity documentation.
  • Manage security assessments and deliver continuous monitoring activities.
  • Implement and manage 800-53 security and privacy controls across systems.
  • Guide teams through categorization, control selection, assessments, and mitigation.
  • Develop and manage supplier cybersecurity assurance processes.
  • Conduct vendor cybersecurity evaluations and ensure compliance flow-down requirements.
  • Develop, maintain, and govern enterprise information security policies and procedures.
  • Ensure alignment with federal, DoD, and internal security frameworks.
  • Develop compliance dashboards, metrics, and executive reports.
  • Lead internal audits, compliance reviews, and external audit preparation.
  • Lead a team of compliance analysts and cybersecurity professionals.
  • Provide mentorship, clarity of direction, and performance oversight.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service