Manager, Cybersecurity Governance, Risk and Compliance

OSC Global


Job Location:

Richland, MI - USA

Yearly Salary: $110527 - 193794
Posted on: 30+ days ago
Vacancies: 1 Vacancy

Job Summary

Position Overview

The Manager of Cybersecurity Governance, Risk, and Compliance is responsible for ensuring the robust security posture of customer sites by overseeing all aspects of cybersecurity governance, risk management, and compliance with federal mandates and best practices. The successful candidate will be a visionary leader, an exceptional mentor, and a skilled program manager with a deep understanding of the federal cybersecurity landscape.

This position will support the mission-critical operations at the US Department of Energy Hanford Site.


Major Activities (Typical Duties/Responsibilities)

    • Lead, mentor, and develop a high-performing team of experienced cybersecurity analysts specializing in GRC functions (e.g., policy development, risk assessment, internal audit, issues management, security awareness).
    • Foster a collaborative and engaging work environment that promotes professional growth, knowledge sharing, and continuous improvement.
    • Conduct performance reviews, provide regular feedback, and develop individual development plans for team members.
    • Delegate tasks effectively, ensuring equitable distribution of workload and leveraging individual strengths.
    • Promote a culture of accountability, proactivity, and excellence within the GRC team.
    • Oversee the development, implementation, and maintenance of the cybersecurity GRC program in alignment with federal regulations (e.g., FISMA, NIST RMF, FedRAMP), site policies, and industry best practices.
    • Manage and prioritize multiple GRC initiatives and projects, ensuring timely completion and adherence to scope and budget.
    • Develop and implement strategic plans for enhancing the cybersecurity GRC posture of customer sites.
    • Establish and track key performance indicators (KPIs) and metrics to measure the effectiveness of GRC activities.
    • Identify and implement automation and process improvements to enhance GRC efficiency and effectiveness.
    • Monitor and ensure the organization's adherence to the performance requirements and deliverables outlined in its contracts with customers.
    • Develop, track, and report on key performance indicators (KPIs) and service level agreements (SLAs) related to cybersecurity GRC activities, as required by customer contracts.
    • Identify potential deviations or risks to contractual obligations and develop mitigation strategies in collaboration with relevant stakeholders.
    • Prepare and present regular performance reports to internal leadership and external customer representatives, demonstrating compliance and program effectiveness.
    • Facilitate and support customer-initiated reviews and audits related to cybersecurity contract performance.
    • Serve as the primary point of contact for cybersecurity GRC matters with internal and external stakeholders, including senior leadership, federal auditors, agency officials, and other site departments.
    • Effectively communicate complex cybersecurity concepts and risks to non-technical audiences.
    • Represent the organization in various forums, committees, and working groups related to cybersecurity GRC.
    • Build and maintain strong relationships with key stakeholders to foster a collaborative approach to cybersecurity.
    • Perform other duties as appropriate and as assigned.


    Knowledge/Skills/Abilities

      • Working knowledge of federal cybersecurity regulations, frameworks, and guidelines, such as the Federal Information Security Modernization Act (FISMA), National Institute of Standards and Technology (NIST) Special Publications (e.g., SP 800-53, SP 800-37, SP 800-30), and the Federal Risk and Authorization Management Program (FedRAMP).
      • Working knowledge of cybersecurity tools and technologies used for GRC activities (e.g., GRC platforms, vulnerability scanners, security information and event management (SIEM) systems).
      • Good interpersonal skills: ability to work effectively and cooperatively with all levels of management and staff, affiliated-company employees, as well as outside business associates; exhibits a professional manner in dealing with others.
      • Superior organizational, follow-up, and detail-oriented skills.
      • Strong ability to analyze documents and categorize appropriately.
      • Ability to maintain accurate records.
      • Work independently as well as on a team and with minimal supervision.
      • Make decisions, solve problems, and exercise excellent judgment.
      • Work well under pressure and independently prioritize workload while working on multiple projects.
      • Ability to research, organize, and analyze technical information with particular attention to accuracy and detail.
      • Excellent written and verbal communication skills, including thorough knowledge of proper grammar, advanced vocabulary, spelling, editing, and proofreading skills.
      • Proficient using Microsoft Office products such as Word, Excel, and PowerPoint, and industry-standard computer software and databases.
      • High degree of sensitivity regarding confidential information.


      Physical Abilities

      • Sufficient fine motor skills for the use of computers and calculators, with an ability to withstand repetitive keyboarding for extended periods of time.
      • Visual and communications ability adequate to perform the essential functions of the job.
      • Ability to kneel, bend, and twist at the waist on an occasional basis.
      • Ability to reach below shoulder height with regular frequency (desk position) and at or above shoulder height on occasion.
      • Ability to push, pull, carry, and lift objects weighing up to 10 pounds on a regular basis and greater weights on an occasional basis.


      Minimum Qualifications

      • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Management Information Systems, Business Administration, or other related field.
      • Eight or more years of relevant work experience including:
        • Five or more years of progressive experience in cybersecurity
        • Management and leadership experience (e.g., manager/supervisor, team/project/program lead, or similar experiences in a formal or informal leadership capacity).
      • Ability to pass a background and drug screening
      • Must have identification compliant with the Real ID Act at time of hire
      • Must be able to obtain Department of Energy badge


      Pay Range: $110527.00 - $193794/yearly


      Benefits: OSC Technical Solutions offers excellent benefits for eligible employees. Benefits include paid holidays, paid time off, 401k with employer match, dental, vision, health insurance plans through the Federal Employee Health Benefits (FEHB) program, as well as life and disability benefits.


      OSC Technical Solutions does not discriminate, and the company provides equal employment opportunity for all employees and applicants without regard to race, religion, color, sex, gender, sexual orientation, national origin, citizenship status, age, marital status, pregnancy or parenthood, handicap or disability, genetics, veteran status, or any other legally protected characteristic. OSC Technical Solutions adheres to all federal, state, and local laws regarding equal employment opportunity and will not discriminate against you in violation of these laws. OSC Technical Solutions reserves the right to apply CIRI Shareholder preference to qualified Shareholders in employment and advancement opportunities.


      OSC Technical Solutions participates in E-Verify. We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's Form I-9 to confirm work authorization.


      Reasonable Accommodation:

      OSC Technical Solutions will provide reasonable accommodations, according to applicable state and federal laws, to all qualified individuals with physical or mental disabilities. In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with OSC Global LLC or any of its subsidiaries, please email


      Required Experience:

      Manager


      Key Skills

      • Arm
      • Risk Management
      • Financial Services
      • Cybersecurity
      • COSO
      • PCI
      • Root Cause Analysis
      • COBIT
      • NIST Standards
      • SOX
      • Information Security
      • RMF