Information Security Compliance Lead
Default Location - USA, United States
CDW
The information technology products, expertise and service you need to make your business successful. Fast shipping, fast answers, the industry's largest in-stock inventories, custom configurations and more. At CDW, we make it happen, together. Trust, connection, and commitment are at the heart of how we work together to deliver for our customers. It’s why we’re coworkers, not just employees. Coworkers who genuinely believe in supporting our customers and one another. We collectively forge our path forward with a level of commitment that speaks to who we are and where we’re headed. We’re proud to share our story and Make Amazing Happen at CDW.
Position Description:
The Information Security Compliance Lead will serve as the primary technical resource responsible for leading the development, maintenance, and governance of security documentation and compliance processes within a government agency. This role will oversee the lifecycle of System Security Plans (SSPs), ensure accurate mapping of security controls to NIST and agency-specific frameworks, and manage all activities related to the Authority to Operate (ATO) process. The individual will work closely with system owners, engineers, and cybersecurity stakeholders to maintain compliance with federal information security requirements, such as FISMA, FedRAMP, and agency-specific policies.
Key Responsibilities:
- Lead the creation and continuous update of SSPs, POA&Ms, and associated security documentation.
- Map and interpret NIST SP 800-53 (and related) controls to system implementations.
- Manage and coordinate the ATO process, including control assessments, risk acceptance, and authorization package submissions.
- Support internal and external audits, security reviews, and compliance reporting.
- Act as a liaison between technical teams, compliance staff, and system owners.
- Provide guidance on control implementation, documentation standards, and risk mitigation strategies.
- Utilize ServiceNow (IRM/GRC modules) to manage compliance artifacts, workflows, and reporting—experience with ServiceNow for these functions is a plus.
Qualifications:
- In-depth knowledge of federal cybersecurity frameworks, including NIST SP 800-53, FedRAMP, and FISMA.
- Demonstrated experience with ATO package management and system accreditation.
- Strong technical writing and documentation skills.
- Experience working in or with government environments.
- Familiarity with ServiceNow GRC/IRM modules preferred.
- Security certifications (e.g., CAP, CISSP, CISM) are a plus.
We make technology work so people can do great things.
CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada. A Fortune 500 company and member of the S&P 500 Index, CDW helps its customers to navigate an increasingly complex IT market and maximize return on their technology investments. Together, we unite. Together, we win. Together, we thrive.
CDW is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by state and local law.
Tags: Audits CISM CISSP Compliance FedRAMP FISMA Governance Government agency NIST NIST 800-53 System Security Plan