Security Governance Manager (Remote / DC-Metro)
About The Position
Unison is hiring a Security Governance Manager to manage key activities supporting our federal authorizations, customer assurance obligations, and compliance operations. Reporting directly to the CISO, you will manage security governance activities supporting our authorizations and certifications, including FedRAMP, DoD Impact Level 4 (IL4), CMMC, and others. You will work as part of the broader Security team to maintain authorization documentation, strengthen evidence quality, coordinate with control owners, support annual assessments, manage customer and vendor assurance activities, and keep audit and authorization work moving with discipline and clarity. This is a hands-on leadership role for a GRC practitioner who treats compliance as a way to enable the business and earn trust.
Requirements
- 6+ years in GRC, security governance, compliance, audit, or risk management.
- Hands-on FedRAMP experience, including authorization, continuous monitoring, SSP maintenance, evidence management, assessments, annual assessment support, and POA&M coordination.
- Exposure to other federal authorizations and certifications such as DoD IL4/IL5 or CMMC.
- Working knowledge of NIST SP 800-53 and the control expectations behind FedRAMP, CMMC, and similar programs, including authorization documentation and audit evidence practices.
- Proven ability to manage people and vendors and to communicate credibly with auditors, technical teams, customers, and executives.
- Strong written communication skills, including the ability to produce clear policies, procedures, control narratives, customer responses, risk summaries, and executive-ready updates.
Nice To Haves
- A prior hands-on technical role, such as engineering, security operations, or systems/cloud administration.
- FedRAMP High, agency ATOs, or multiple federal authorization paths.
- DoD IL4/IL5, CMMC, or DISA experience.
- SaaS or GovTech experience serving federal agencies.
- Certifications such as CGRC, CISM, CRISC, CISA, CISSP, or CCSP.
Responsibilities
- Lead and mature the Security Governance function as part of the broader Security team, covering strategy, processes, ownership, reporting, and continuous improvement.
- Maintain and strengthen Unison’s authorizations and certifications, including FedRAMP, IL4, and CMMC, by managing documentation, SSP updates, evidence quality, control-owner coordination, audit readiness, and annual assessment support.
- Support FedRAMP continuous monitoring activities, including recurring evidence collection, monthly and annual deliverables, risk documentation, remediation commitments, approvals, and deadlines.
- Coordinate with agency Authorizing Officials, 3PAOs, agency stakeholders, auditors, and control owners through assessments and ongoing authorization activity.
- Own the lifecycle of security policies, standards, and procedures, keeping documentation aligned with actual business and technical practice.
- Manage customer trust and assurance activities, including customer security reviews, questionnaires, RFPs, due-diligence responses, and reusable evidence packages.
- Communicate governance, compliance, audit, and risk topics clearly to technical teams, customers, auditors, executives, and business stakeholders.
Benefits
- Travel and accommodation will be provided for the in-person interview.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
