Information Governance Specialist - Defense Programs

About The Position

Requirements

• Bachelor’s in Information Systems, Information Security, Data Management, Cybersecurity
• 5+ years of experience in Information Governance, Industrial Security, Information Security, Risk Management, or audit readiness.
• 2+ years in defense industry roles involving regulatory compliance in aerospace, defense, or similarly regulated industries.
• Familiar with CMMC, NIST SP 800‑171, DFARS, FAR, and DoD cybersecurity requirements supporting government contracts.
• Strong understanding of information security principals, security framework and Risk management processes.
• Experience with governance, compliance, and protection tools (e.g., Proofpoint, Microsoft Purview, eDiscovery, DLP).
• Proficiency in PowerBI Pro, SharePoint, and Power Automate for governance reporting and collaboration.
• Excellent organizational, planning and time management skills
• Ability to communicate effectively and present complex security topics to stakeholders and leadership.

Responsibilities

• Ensure compliance with Corporate Data Governance policies, CMMC, NIST SP 800‑171, DFARS, FAR, and DoD cybersecurity requirements supporting government contracts.
• Contribute to the development and execution of the Information Governance roadmap aligned with defense acquisition contract requirements.
• Define and implement contract-specific data classification schemes, ownership models, and lifecycle management practices.
• Support development and implementation of Operational Security (OPSEC) plans, Information Lifecyle Management (ILM) and controlled Information handling across the organization.
• Support visitor management operations for controlled areas (e.g., badging/escorts, visitor approvals, briefings, and access logs) to protect CUI and export controlled information and align with program security requirements.
• Coordinate and document controlled data transfers (internal and external), including export/share approvals, secure transmission methods, receipt confirmation, and retention of transfer records to support audit readiness.
• Maintain and update governance documentation, including incident response plans, audit protocols, and key process documents.
• Collaborate with cross-functional teams to support digital transformation initiatives to improve end user experience.
• Collaborate with stakeholders to ensure supplier compliance with CMMC requirements
• Support risk assessments and audit activities to drive risk mitigation strategies across defense programs.
• Develop and maintain OPSEC and CUI training materials and oversee annual training initiatives.
• Maintain KPIs (training completion, audit findings aging, transfer volumes, open exceptions) and publish dashboards.

Benefits

• From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.