Senior Director of Technology and Compliance

About The Position

Requirements

• Ability to understand and fulfill OSC Global’s mission, vision and strategic focus by incorporating knowledge into daily activities.
• Advanced knowledge of cybersecurity and compliance frameworks such as NIST 800-53, CMMC, privacy laws, and the GovCon regulatory environment.
• Strong understanding of AI architectures, AI governance frameworks, and AI risk management.
• Knowledge of conducting and supporting regulatory, compliance and security audits within a government contracting or heavy regulated environment.
• Ability to evaluate risk and make informed compliance and governance decisions in regulated environments.
• Ability to expertly lead cross functional teams and interface effectively with executive leadership, auditors, regulators, and government customers.
• Excellent interpersonal skills; adept at working effectively and cooperatively with all levels of management and staff, affiliated-company employees as well as outside business associates; exhibits a professional manner in dealing with others.
• Ability to work independently, as well as on a team and with minimal supervision.
• Excellent written and verbal communications skills, including thorough knowledge of proper grammar, advanced vocabulary, spelling, editing and proofreading skills.
• Broad understanding of the business objectives of OSC Global, its subsidiaries and how these objectives relate to and meet CIRI’s enterprise objectives.
• Strong ability to make decisions, solve problems, exercise good judgment and work effectively under pressure.
• Proficient using Microsoft Office products
• Experience working with and motivating in a team-oriented, collaborative environment.
• High degree of sensitivity regarding confidential information.
• Sufficient fine motor skills for use of computers, calculators with an ability to withstand repetitive keyboarding for extended periods of time.
• Visual and communication ability adequate to perform the essential functions of the job.
• Ability to kneel, bend and twist at the waist on an occasional basis.
• Ability to reach below shoulder height with regular frequency (desk position) and at or above shoulder height on occasion.
• Ability to push, pull, carry and lift objects weighing up to 10 pounds on a regular basis, and greater weights on an occasional basis.
• Ability to safely operate a motor vehicle and travel by motor vehicle and aircraft.
• Bachelor’s degree in Information Security, Computer Science, Engineering, Business/Political Science/Criminal Justice or a related field; Master’s degree preferred
• Must be U.S. citizen
• Active or prior U.S. Government security clearance
• Ability to pass pre-employment background screening

Nice To Haves

• Experience with compliance automation, GRC tools, and scalable compliance architectures.
• Experience supporting classified and unclassified government programs.
• Experience with enterprise risk management and corporate governance models in multi subsidiary environments.

Responsibilities

• Lead enterprise technology governance, cybersecurity and compliance programs across OSC Global and its subsidiaries.
• Collaborate with leadership to develop, implement and monitor policies and controls that address U.S. federal laws, DoD directives and commercial regulations (e.g., NIST SP 80053/171, CMMC, FedRAMP, DFARS/FAR, ISO 27001/42001).
• Serve as a senior advisor on cyber risk, technology risk and regulatory compliance for government contracts and regulated commercial contracts.
• Oversee technology risk assessments, compliance audits and incident response planning; coordinate corrective actions and continuous improvement.
• Establish and maintain standardized compliance frameworks, metrics and reporting mechanisms; regularly brief executive leadership on risk posture and compliance status.
• Support M&A due diligence and integration activities related to cybersecurity and IT controls.
• Guide and mentor compliance and technology governance teams; provide training and awareness across the enterprise.
• Foster collaboration among legal, contracts, security, IT and business leaders to embed compliance requirements into operational processes.
• Perform other duties as appropriate and as assigned.