Government IT Security Compliance Manager

Government IT Security Compliance Manager, Durant, OK

Qualifications/Requirements:

• Bachelor's degree in Information Security, Cybersecurity, or a related field.
• Relevant certifications such as CISSP, CISM, or CISA are highly desirable.
• CMMC Registered Professional (RP) credential preferred, completion of CMMC CCP training highly desirable, CMMC Provisional Assessor Credential highly desirable
• Proven experience in implementing and managing cybersecurity compliance programs, preferably with a focus on CMMC.
• Strong understanding of CMMC framework and its requirements.
• Excellent communication and people skills to effectively interact with various stakeholders.
• Ability to lead and influence cross-functional teams towards a common goal.
• Detail-oriented with strong analytical and problem-solving skills.
• Knowledge of relevant laws, regulations, and industry standards related to cybersecurity.
• Proficient in administration and maintenance of security systems infrastructure, application, devices, tools and software services
• Experience with CMMC preparation, implementation, or certification
• Working knowledge of the controls and implementation of compliances such as DFARS and NIST 800
• 10 - 15 years industry experience
• Must have firm grasp of Microsoft Security Stack (Sentinel and Defender for Endpoint) and Qualys VMDR
• Knowledge of DLP, Anti-Virus, Endpoint Protection, Disk & Data Encryption, FIPS
• Active Top Security Clearance is highly desirable

Responsibilities:

• Perform Gap Analyses to assess current state against Compliance requirements.
• Provide compliance remediation services to research and develop technical solutions to compliance related problems, and other services including road mapping, System Security Plan (SSP) development, and Policy and Procedure support.
• Support and guide information risk and security discussions with technical and non-technical groups
• Ability to track detailed tasks and ensure timely delivery of project deliverables.
• Critical thinking, and ability to balance security requirements with mission needs.
• Manage a diverse team of IT technicians located in various work areas throughout the US
• Develop and oversee incident response plans to address cybersecurity incidents promptly.
• Collaborate with IT teams to implement remediation plans.
• Develop and conduct training programs to enhance the cybersecurity awareness of employees.
• Stay informed about the latest cybersecurity threats, technologies, and best practices.
• Coordinate and manage internal and external audits to assess compliance levels.
• Implement and manage continuous monitoring processes to identify and address potential vulnerabilities.
• Ensure that employees are aware of and trained on cybersecurity policies and procedures.
• Maintain comprehensive documentation of CMMC compliance efforts, including policies, procedures, and audit results.
• Conduct comprehensive assessments of existing cybersecurity practices and identify areas for improvement.

Position Type:

• Full Time Hybrid (must be able to be in Durant, OK office a minimum of three (3) times each week)