Jobs · Information Technology · California

IT Compliance Program Manager

General Atomics · San Diego, CA · 2 wk ago
HybridInformation TechnologyFull-time

Job Summary

General Atomics (GA), and its affiliated companies, is one of the world’s leading resources for high-technology systems development ranging from the nuclear fuel cycle to remotely piloted aircraft, airborne sensors, and advanced electric, electronic, wireless and laser technologies. We have an exciting opportunity for a Cybersecurity Compliance Program Manager to join our Information Technology Services (ITS) Information Assurance team. Reporting directly to the Senior Manager of IT Governance, Risk and Compliance, this role will support the IT compliance activities of the organization.

Duties and Responsibilities

  • Develop, implement, and maintain IT compliance programs, policies, and procedures in accordance with relevant regulations, including but not limited to:NIST Special Publications (e.g., NIST 800-171 Revisions 2, 3)DFARS (Defense Federal Acquisition Regulation Supplement)FAR (Federal Acquisition Regulation)CMMC (Levels 1 through 3)ISO 27000 Series
  • Conduct regular internal assessments to evaluate the effectiveness of IT controls and identify areas for improvement.
  • Manage external audits by government agencies (e.g., DCAA, DCMA) or third-party assessors.
  • Work with IT, security, and other departments to ensure that systems and processes are designed and implemented to meet compliance requirements.
  • Maintains knowledge of applicable policies, regulations, and compliance documents related to cybersecurity and information assurance.
  • Participates in assessments of information technology systems; ensures periodic system security reviews are conducted and documented.
  • Provides input to a cybersecurity awareness training program that is engaging and influences changes in employees’ behavior.
  • Develops appropriate electronic and hard copy reports and records, including new or revised electronic or hard copy documentation. Create compliance related presentations to internal stakeholders as needed.
  • Monitor changes in regulations and update policies and procedures accordingly.
  • Serve as a point of contact for IT compliance-related inquiries.
  • Investigate and address any compliance violations or incidents.
  • Maintain the strict confidentiality of sensitive information.
  • Embraces continuous learning with a passion to keep abreast of changes in regulatory and technology environments.

Qualifications

  • Typically requires a bachelors degree in a related discipline and ten or more years of progressive professional experience in information assurance or a related field.
  • Equivalent professional experience may be substituted in lieu of education.
  • Prefers six or more years of experience with cybersecurity and IT compliance programs affecting highly regulated industries.
  • CompTIA Security +, CISSP or higher certification strongly desired.
  • Familiar with regulatory requirements that affect the Aerospace and Defense industry such as DFARS 252.204-7012, DFARS 252.204-7016 through 7020, and Cybersecurity Maturity Model Certification (CMMC).
  • Familiar with international regulatory requirements that affect that Aerospace and Defense industry, such as UK Cyber Essentials, Canada Program for Cyber Security Certification (CPCSC), etc.
  • Familiar with applicable Artificial Intelligence (AI) regulations at local, state, federal and international levels
  • Familiar with internationally recognized standards, such as the ISO 27000 series
  • Familiar with privacy regulations, such as CCPA and GDPR
  • Experience with utilizing tools to support compliance programs, such as GRC tools
  • Must have experience organizing, planning, scheduling, conducting, and managing work assignments to meet project milestones or established completion dates.
  • Must possess the ability to understand new concepts quickly and apply them in an evolving environment while contributing to the development of new processes.
  • Must be customer focused and possess:
    • The ability to identify issues, analyze data and develop solutions to a variety of technical and administrative problems;
    • Excellent analytical, verbal and written communication skills to accurately document, report, and present findings;
    • Excellent interpersonal skills enabling an effective interface with other professionals;
    • and Excellent computer skills.
  • Absolutely must have experience working independently or in a team environment and the ability to work extended hours as required.
  • The applicant must be a U.S. citizen and possess, or be able to obtain and maintain, a security clearance at or above the Secret level.

Similar jobs

IT Compliance Manager

NXP SemiconductorsAustin, TX· 1 wk ago
Information Technologyapply on nxp.wd3.myworkdayjobs.com

IT Compliance Manager

Sprouts Farmers MarketPhoenix, AZ· 3 wk ago
Information Technologyapply on sprouts.jibeapply.com