Government Security Compliance Manager - Management Concepts
Tysons Corner, VA 22102
About the Job
Government Security Compliance Manager
For over 50 years, Management Concepts has provided training and workforce development solutions for Federal Government employees, teams, and agencies with a mission to improve individual and organizational effectiveness.
The Training and Development industry is constantly evolving. Management Concepts is striving to remain relevant amidst all the change and continue to adapt, innovate, and thrive. We believe that every customer deserves an excellent experience which starts with our people and includes our technology. As a provider to the Federal Government, we also strive to be vigilant and compliant with government regulations. Two key areas that compel our attention are Section 508 accessibility and Controlled Unclassified Information (CUI) as governed by the Cybersecurity Maturity Model Certification (CMMC).
As the Government Security Compliance Manager, you play a crucial role in ensuring that Management Concepts meets the cybersecurity standards outlined by CMMC. You are responsible for overseeing and implementing policies, procedures, and controls to safeguard all designated CUI and ensure compliance with CMMC requirements. In addition, our customers are demanding FedRAMP-like compliance for the services and solutions we deliver. Therefore, understanding and integrating FedRAMP as necessary into our compliance architecture is critically important. This position reports to the General Counsel/Chief Risk Officer and is an integral part of Management Concepts’ commitment to maintaining the highest standards of cybersecurity for not only CUI but also our company information.
As our ideal candidate, you possess a unique blend of technical expertise, leadership acumen, and strategic vision to align cybersecurity initiatives with organizational goals, including support of business growth and innovation, and identify and mitigate cybersecurity risks. At your core, you are:
- A great communicator. You know that strong communication skills are paramount to conveying complex cybersecurity concepts to diverse stakeholders and to leading cross-functional teams.
- A problem solver. You enjoy a challenge and will run with it. You are passionate about using your analytical skills to find solutions and to optimize our cybersecurity posture. Your attention to detail is critical to success in this role, especially around incident response plans and navigating audits.
- A collaborator. You know how to leverage the smart people you work with and that the whole is greater than the sum of its parts on high-performing teams. You understand that our CMMC goals are only attainable by fostering cooperation across Management Concepts.
- Proactive and prepared. You are adept at developing and enforcing policies and procedures. You possess the leadership skills to shape and drive continuous improvement in our cybersecurity posture by understanding evolving best practices and refining strategies to maintain their effectiveness in the face of new threats, changing business requirements, and government regulations.
Key Responsibilities
1. CMMC Implementation
· Lead the development and implementation of strategies to achieve and maintain compliance with CMMC requirements.
· Conduct comprehensive assessments of existing cybersecurity practices and identify areas for improvement.
2. Policy and Procedure Development
· Develop, review, and update organizational policies and procedures to align with CMMC requirements.
· Ensure that employees are aware of and trained on cybersecurity policies and procedures.
3. Cross-functional Collaboration
· Collaborate with IT, security, and other relevant departments to ensure a comprehensive approach to CMMC compliance.
· Provide guidance to different teams on CMMC requirements and best practices.
4. Auditing and Monitoring
· Coordinate and manage internal and external audits to assess compliance levels.
· Implement and manage continuous monitoring processes to identify and address potential vulnerabilities.
5. Documentation and Reporting
· Maintain comprehensive documentation of CMMC compliance efforts, including policies, procedures, and audit results.
· Generate regular reports for leadership on Management Concepts’ CMMC compliance status.
6. Incident Response and Remediation
· Develop and oversee incident response plans to address cybersecurity incidents promptly.
· Collaborate with IT and security teams to implement remediation plans.
7. Training and Awareness
· Develop and conduct training programs to enhance the cybersecurity awareness of employees.
· Stay informed about the latest cybersecurity threats, technologies, and best practices.
Qualifications
· Bachelor's degree in Information Security, Cybersecurity, or a related field.
· Relevant certifications such as CISSP, CISM, or CISA are highly desirable.
· Proven experience in implementing and managing cybersecurity compliance programs, preferably with a focus on CMMC.
· Strong understanding of the CMMC framework and its requirements.
· Excellent communication and people skills to effectively interact with various stakeholders.
· Ability to lead and influence cross-functional teams towards a common goal.
· Detail-oriented with strong analytical and problem-solving skills.
· Knowledge of relevant laws, regulations, and industry standards related to cybersecurity.