Summit Technologies Inc. is looking for a Deputy Cybersecurity Governance Lead to support a critical U.S. government agency in the National Capital Region. This senior-level role provides operational leadership across Governance, Risk, and Compliance (GRC) activities supporting enterprise systems and their subsystems.
This role is responsible for ensuring the security and compliance of agency information systems by overseeing implementation and management of security controls aligned with federal cybersecurity frameworks, including the NIST Risk Management Framework (RMF), FISMA, and NIST SP 800-53. This is a hybrid role that requires a minimum of three on-site days per week in Washington, DC. Candidates must be eligible for a Public Trust clearance.
This is an excellent opportunity for an experienced cybersecurity leader to contribute to the secure provisioning, authorization, and ongoing monitoring of systems across both on-premise and cloud environments. The Deputy Cybersecurity Governance Lead will collaborate with federal Information System Security Officers (ISSOs), system owners, engineers, and security teams to maintain the confidentiality, integrity, and availability of government systems while driving consistency, quality, and accountability across GRC operations.
Responsibilities:
- Provide day-to-day operational leadership across GRC workstreams, including Risk Management, Assessment & Authorization, and Audit Support.
- Oversee development, review, and quality assurance of Security Authorization packages, including SSPs, SARs, and POA&Ms, across multiple systems.
- Coordinate and prepare systems for Security Control Assessments (SCA), ensuring completeness, accuracy, and audit readiness of all artifacts.
- Oversee Security Impact Analyses (SIAs) for system changes, modernization efforts, and new system integrations.
- Ensure effective implementation and monitoring of security controls in accordance with NIST SP 800-53, RMF, and agency security policies.
- Lead POA&M lifecycle management, including development, tracking, remediation, validation, and closure assessments.
- Oversee Risk Acceptance processes, ensuring proper documentation, justification, and alignment with system risk posture.
- Manage and enforce continuous monitoring activities, ensuring control effectiveness and ongoing authorization compliance.
- Coordinate audit support activities, including PBC responses, audit data calls, audit brief development, and remediation of findings.
- Lead development of audit response packages (RCF, RAC, PSR) and support FISMA and A-130 reporting requirements.
- Serve as a primary contractor interface to federal stakeholders, including ISSOs, Authorizing Officials (AO), and Security Control Assessors (SCA).
- Oversee coordination between system owners, Security Operations, Vulnerability Management, and Security Tools teams to ensure integrated security operations.
- Provide mentorship and oversight to ISSO support and business area liaisons, ensuring effective execution of responsibilities.
- Establish and enforce quality standards for all GRC deliverables, ensuring documentation reflects actual system implementation.
- Manage task tracking, prioritization, and execution across team activities to ensure contract deliverables and timelines are met.
- Identify process gaps and implement improvements to increase efficiency, reduce RMF cycle time, and enhance audit readiness.
- Prepare and deliver executive-level reports, risk briefings, and status updates to internal and external stakeholders.
Requirements:
- Bachelor's degree and 10 years of IT security, GRC, or systems security engineering experience, or Master's degree with 8 years of experience.
- Ability to obtain and maintain a public trust requiring U.S. Citizenship or Green Card.
- Demonstrated experience leading or overseeing RMF and GRC activities across multiple systems or enterprise environments.
- Strong understanding of the NIST RMF, NIST SP 800-53, FISMA, and federal security policies, including EO 14028 and OMB M-22-09.
- Experience managing ATO processes, authorization artifacts (SSP, SAR, POA&M, SIA), and continuous monitoring programs.
- Proven experience supporting federal audits, including PBC responses, audit data calls, and remediation tracking.
- Experience coordinating across engineering, operations, and compliance teams in complex environments.
- Ability to enforce accountability and drive execution across multiple stakeholders without direct authority.
- Strong understanding of enterprise IT environments, including cloud (AWS, Azure, GCP) and hybrid architectures.
- Familiarity with enterprise platforms such as Microsoft 365, Azure AD, Cisco, and Oracle.
- Strong documentation, reporting, and communication skills, including the ability to convey complex technical issues to non-technical audiences.
- Proficient in Microsoft Office (Word, Excel, PowerPoint, SharePoint).
Preferred Qualifications:
- Prior experience functioning in an ISSM, Deputy ISSM, or GRC Lead role within a federal environment.
- Experience supporting large multi-system environments or system boundary consolidation efforts.
- Experience with GRC and SA&A tools such as Archer, eMASS, JCAM, CSAM, or Xacta.
- Familiarity with FedRAMP cloud compliance requirements and federal privacy regulations.
- Certifications such as CISSP (strongly preferred), CISM, CAP, or CRISC.
- Understanding of adversary TTPs and frameworks such as MITRE ATT&CK.
- Ability to operate in a fast-paced, high-visibility environment with competing priorities.
Clearance Requirement:
- All candidates must be eligible to obtain and maintain a U.S. Public Trust clearance.
If you feel you are qualified and want to be considered for this position, please supply the following to: and please put the job number 6932 in the subject line:
- Updated resume including MM/YYYY for each employer.
- Best times/dates to interview (plus phone # you can best be contacted at).
- Availability to start once given formal offers.
Summit Technologies Inc. appreciates your interest. We will contact the best matching prospects and will consider you for future opportunities. We will not submit your resume without your prior knowledge and consent. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.