Cybersecurity Compliance Program Manager (GRC)
Job Summary
The Cybersecurity Compliance Program Manager leads and oversees the organization’s comprehensive cybersecurity compliance initiatives, ensuring alignment with key standards such as CMMC, ISO 27001, SOX, PCI DSS, and Cyber Essentials. This role is responsible for developing and maintaining compliance policies, coordinating and managing internal and external audits, conducting risk assessments, and driving remediation efforts. The manager collaborates with cross-functional stakeholders to ensure regulatory adherence, proactively identifies areas for process improvement, and provides expert guidance to mitigate organizational risk while supporting a culture of security and compliance.
Responsibilities And Tasks
Lead Cybersecurity Compliance Program: Serve as the primary owner for all cyber compliance initiatives, policies, and processes. Drive compliance strategy and execution across the organization.
CMMC Compliance Leadership: Oversee all activities related to achieving and maintaining Cybersecurity Maturity Model Certification (CMMC) compliance. Coordinate gap assessments, remediation plans, and evidence collection. Manage Multi-Framework Compliance.
Develop and maintain documentation, policies, and procedures aligned with these frameworks. Audit Coordination: Act as the primary point of contact for internal and external audits. Prepare and present compliance evidence and reports to auditors and leadership.
Risk Management: Identify compliance risks and develop mitigation strategies. Maintain a compliance risk register and track remediation efforts.
Stakeholder Engagement: Collaborate with IT, Security, Legal, and Business teams to ensure compliance requirements are understood and met. Provide training and awareness programs related to compliance obligations.
Education, Experience/Knowledge & License/Certification
Bachelor’s degree in Cybersecurity, Information Technology, or related field
7+ years of experience in Governance, Risk, and Compliance roles
Strong knowledge of CMMC and DFARS requirements
Certifications such as CISA, CISSP, CRISC, or ISO 27001 Lead Auditor are highly desirable
Skills And Abilities
Experience managing audits and regulatory assessments
Excellent communication and leadership skills (without direct people management)
Benefits
Most locations offer a 9/80 schedule, providing every other Friday off
Competitive compensation & 401(k) program to plan for your future
Robust medical, dental, vision, & disability coverage with qualified wellness discounts
Basic Life Insurance and Additional Life & AD&D Insurances are available
Paid Parental Leave
Generous Employee Referral Program
Voluntary Benefits Available: Longer Term Care, Legal, Identity Theft, Pet Insurance, and more
Voluntary Tricare Supplement available for military retirees