IT Security Federal Compliance Manager
GH Office: Tysons Corner, VA (Headquarters), United States
Full Time Senior-level / Expert Clearance required USD 113K - 188K
Guidehouse
Guidehouse is the only scaled advisory consultancy in the world to fully integrate commercial and public or government businesses within each of our industry segments because complex problems require both perspectives to address and outwit.
Job Family:
IT Cyber Security
Travel Required:
Clearance Required:
What You Will Do:
The Cybersecurity Federal Compliance Manager will lead the Compliance team within the office of the CISO, managing a team responsible for the NIST SP 800-171, CMMC, and NIST SP 800-53 compliance programs. Collaborating with other cybersecurity team members, information technology, and business unit functions, the Cybersecurity Federal Compliance Manager will oversee reviews of the Guidehouse control environment (infrastructure, systems, applications, etc.) and corresponding processes to confirm they are aligned with relevant regulations as well as Guidehouse policies and standards.
The Cybersecurity Federal Compliance Manager will manage the schedule of control assessments, manage relationships with stakeholders, assist teams with gathering appropriate evidence, and assist with maintaining documentation pertinent to the applicable framework.
Additionally, this role will have input into risk assessments and issue documentation/tracking to support the full lifecycle of Compliance operations. We are a service-oriented group, and you will actively engage with technical and compliance teams, such as legal and various business units, to perform and advance Guidehouse federal compliance initiatives. To do this, you will manage the day-to-day tasks and help drive processes and procedures with other IT security professionals dedicated to the mission and vision of Guidehouse IT Security.
In this role you will:
Act as a cybersecurity liaison and align/mature our IT Security compliance process with IT, Internal Audit, business organizational units and external audit.
Manage the audit readiness activities that include gap assessments and remediations.
Facilitate external audits with auditors and stakeholders.
Manage the full life cycle of document requests, scheduling, and participation in audit walkthroughs.
Stay up to date with changes to NIST and CMMC programs as well as other applicable federal programs and regulations
Manage and coordinate identified issues and findings across compliance related activities and ensure they are documented and tracked for remediation
Oversee and enhance the continuous monitoring plan specific to NIST and CMMC. Report results on a quarterly basis to leadership
Manage and perform reviews of IT Security controls through control and risk assessments of processes, procedures, policies, system configurations, etc., documenting control effectiveness from both a design and an operating effectiveness perspective
Manage, direct, and review the work of the team
Responsible for management functions that include hiring, firing, promotion, and reward authority
Need to be able to work East Coast US business hours
What You Will Need:
Bachelor’s Degree and minimum 7 years of experience; OR 11 years of experience in lieu of degree
U.S. citizenship
Experience assessing NIST SP 800-171 controls against the NIST SP 800-171A "Determine if" statements in a large corporate environment
Strong knowledge and current awareness of the CMMC framework and requirements
Experience assessing NIST SP 800-53 controls
A highly motivated individual with strong project management skills, organization, oral and written communication skills
High attention to detail
At least one of the following security certifications:
ISC2 Certified Information Systems Security Professional (CISSP)
ISACA Certified Information Security Manager (CISM)
ISACA Certified Information Systems Auditor (CISA)
CompTIA Security+
What Would Be Nice To Have:
Experience working with Governance, Risk and Compliance (GRC) tools beyond the manual processes of Excel sheets, folders, and emails
Experience with Microsoft Azure Compliance Center
Working knowledge of Active Directory, Exchange, SharePoint, and Teams
Demonstrated ability to learn and document new technologies/solutions
Experience with ServiceNow is a plus
Experience working in an ITIL environment
Preference will be given to candidates who are located within 50 miles of a Guidehouse office
What We Offer:
Guidehouse offers a comprehensive total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Position may be eligible for a discretionary variable incentive bonus
Parental Leave and Adoption Assistance
401(k) Retirement Plan
Basic Life & Supplemental Life
Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
Short-Term & Long-Term Disability
Student Loan PayDown
Tuition Reimbursement, Personal Development & Learning Opportunities
Skills Development & Certifications
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Emergency Back-Up Childcare Program
Mobility Stipend
About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.