Manager, Governance Risk & Compliance

About The Position

Requirements

• Hold a Bachelor 's degree in Information Systems, Computer Science, Cybersecurity or equivalent years of relevant professional IT work experience.
• Have 7+ years of hands-on operational IT cybersecurity experience.
• Have an understanding of attack methodologies used by Nation State actors and the ATT&CK matrix to effectively assess risk with applied knowledge of NIST 800-53, NIST 800-171, and HIPAA regulations.
• Have experience running vulnerability analysis tools, like Nessus, Qualys, or Rapid7.
• Have experience with data analysis using tools like, Splunk, ELK, or SQL.
• Have experience in assessing cloud technologies such as Amazon Web Services or Microsoft Azure.
• Have 5+ years in management/supervision in an operational cybersecurity role.
• Are able to self-direct and work independently as necessary.
• Possess exceptional analytical and problem-solving skills.
• Are an articulate and effective communicator with the ability to engage all levels of staff and management.
• Possess a proven track record of successfully leading, coaching, and motivating direct reports in solving complex problems.
• Are able to obtain a Secret level security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.

Nice To Haves

• Hold a Master's degree in Information Systems, Computer Science, or related field.
• Have experience with supporting cybersecurity operation center processes and tools.
• Have experience running IT projects involving at least 10 people.
• Possess certifications such as CISSP, CISSP-ISSEP, or SANS GIAC Security Essentials.
• Have extensive experience in cloud technologies such as Amazon Web Services or Microsoft Azure.

Responsibilities

• Maintain formalized IT Governance framework for APL's unclassified network.
• Review existing IT compliance controls for regulatory updates and perform necessary gap analysis create and participate in various internal and external audit and compliance activities.
• Monitor compliance with and develop organizational security policies and procedures for compliance with FISMA and NIST 800-53, NIST 800-171, HIPAA, as well as developing and evolving government regulations.
• Review and provide input on contracts for compliance.
• Create and maintain Systems Security Plans and document monitor and report on status of POA&M items.
• Present briefings to senior management.
• Develop and enhance processes, work flows, and documentation for monitoring compliance and privacy requirements.
• Participate in project and cross-functional security teams requiring interaction with system administrators, networking staff, application developers, IT operations staff, and cyber research and development areas within the organization in order to identify and implement information assurance controls and risk mitigation techniques for IT operations.
• Work effectively with all levels of management and staff and participate in project and cross-functional security teams within the organization in order to identify and implement information assurance controls and risk mitigation techniques for IT operations and evolve cyber security awareness and training programs.
• Work with internal, industry and third party IT security partners to stay current on industry trends, controls and security technologies and services.
• Collaborate with other organizations to maintain knowledge and leverage best practices.
• Provide routine reporting on goals and objectives to management.
• Establish strong relationships with staff, improve morale, conduct coaching, promote career growth, manage performance, and participate in recruiting and other line supervision activities as a member of the department 's extended management team.

Benefits

• Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance.