Manager, Cybersecurity Governance, Risk and Compliance at Envases Ohio LLC
Richland, Washington, United States
Full Time


Start Date

Immediate

Expiry Date

05 Jan, 26

Salary

193794.0

Posted On

07 Oct, 25

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cybersecurity, Governance, Risk Management, Compliance, Policy Development, Risk Assessment, Internal Audit, Security Awareness, Performance Reviews, Strategic Planning, Automation, Communication, Interpersonal Skills, Organizational Skills, Problem Solving, Microsoft Office

Industry

Description
Position Overview

The Manager of Cybersecurity Governance, Risk and Compliance is responsible for ensuring the robust security posture of customer sites by overseeing all aspects of cybersecurity governance, risk management and compliance with federal mandates and best practices. The successful candidate will be a visionary leader, an exceptional mentor, and a skilled program manager with a deep understanding of the federal cybersecurity landscape. This position will support the mission-critical operations at the US Department of Energy Hanford Site.

Major Activities (Typical Duties/Responsibilities)

Lead, mentor and develop a high-performing team of experienced cybersecurity analysts specializing in GRC functions (e.g., policy development, risk assessment, internal audit, issues management, security awareness).
Foster a collaborative and engaging work environment that promotes professional growth, knowledge sharing, and continuous improvement.
Conduct performance reviews, provide regular feedback and develop individual development plans for team members.
Delegate tasks effectively, ensuring equitable distribution of workload and leveraging individual strengths.
Promote a culture of accountability, proactivity, and excellence within the GRC team.
Oversee the development, implementation and maintenance of the cybersecurity GRC program in alignment with federal regulations (e.g., FISMA, NIST RMF, FedRAMP), site policies and industry best practices.
Manage and prioritize multiple GRC initiatives and projects, ensuring timely completion and adherence to scope and budget.
Develop and implement strategic plans for enhancing the cybersecurity GRC posture of customer sites.
Establish and track key performance indicators (KPIs) and metrics to measure the effectiveness of GRC activities.
Identify and implement automation and process improvements to enhance GRC efficiency and effectiveness.
Monitor and ensure the organization's adherence to the performance requirements and deliverables outlined in its contracts with customers.
Develop, track and report on key performance indicators (KPIs) and service level agreements (SLAs) related to cybersecurity GRC activities as required by customer contracts.
Identify potential deviations or risks to contractual obligations and develop mitigation strategies in collaboration with relevant stakeholders.
Prepare and present regular performance reports to internal leadership and external customer representatives, demonstrating compliance and program effectiveness.
Facilitate and support customer-initiated reviews and audits related to cybersecurity contract performance.
Serve as the primary point of contact for cybersecurity GRC matters with internal and external stakeholders, including senior leadership, federal auditors, agency officials, and other site departments.
Effectively communicate complex cybersecurity concepts and risks to non-technical audiences.
Represent the organization in various forums, committees and working groups related to cybersecurity GRC.
Build and maintain strong relationships with key stakeholders to foster a collaborative approach to cybersecurity.
Perform other duties as appropriate and as assigned.

Knowledge/Skills/Abilities

Working knowledge of federal cybersecurity regulations, frameworks, and guidelines such as Federal Information Security Modernization Act (FISMA), National Institute of Standards and Technology (NIST) Special Publications (e.g., SP 800-53, SP 800-37, SP 800-30) and Federal Risk and Authorization Management Program (FedRAMP).
Working knowledge of cybersecurity tools and technologies used for GRC activities (e.g., GRC platforms, vulnerability scanners, security information and event management (SIEM) systems).
Good interpersonal skills: ability to work effectively and cooperatively with all levels of management and staff, affiliated-company employees as well as outside business associates; exhibits a professional manner in dealing with others.
Superior organizational, follow-up, and detail-oriented skills.
Strong ability to analyze documents and categorize appropriately.
Ability to maintain accurate records.
Work independently, as well as on a team and with minimal supervision.
Make decisions, solve problems, and exercise excellent judgment.
Work well under pressure and independently prioritize workload, while working on multiple projects.
Ability to research, organize and analyze technical information with particular attention to accuracy and detail.
Excellent written and verbal communication skills; including thorough knowledge of proper grammar, advanced vocabulary, spelling, editing and proofreading skills.
Proficient using Microsoft Office products, such as Word, Excel and PowerPoint, and industry-standard computer software and databases.
High degree of sensitivity regarding confidential information.

Physical Abilities

Sufficient fine motor skills for the use of computers, calculators with an ability to withstand repetitive keyboarding for extended periods of time.
Visual and communications ability adequate to perform the essential functions of the job.
Ability to kneel, bend and twist at the waist on an occasional basis.
Ability to reach below shoulder height with regular frequency (desk position) and at or above shoulder height on occasion.
Ability to push, pull, carry and lift objects weighing up to 10 pounds on a regular basis, and greater weights on an occasional basis.

Minimum Qualifications

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Management Information Systems, Business Administration or other related field.
Eight or more years of relevant work experience, including:
  Five or more years of progressive experience in cybersecurity
  Management and leadership experience (e.g., manager/supervisor, team/project/program lead or similar experiences in a formal or informal leadership capacity).
Ability to pass a background and drug screening
Must have identification compliant with the Real ID Act at time of hire
Must be able to obtain Department of Energy badge

Pay Range: $110,527.00 - $193,794/yearly

Benefits: OSC Technical Solutions offers excellent benefits for eligible employees. Benefits include paid holidays, paid time off, 401k with employer match, dental, vision, health insurance plans through the Federal Employee Health Benefits (FEHB) program, as well as life and disability benefits.

OSC Technical Solutions does not discriminate, and the company provides equal employment opportunity for all employees and applicants without regard to race, religion, color, sex, gender, sexual orientation, national origin, citizenship status, age, marital status, pregnancy or parenthood, handicap or disability, genetics, veteran status or any other legally protected characteristic. OSC Technical Solutions adheres to all federal, state and local laws regarding equal employment opportunity and will not discriminate against you in violation of these laws.

OSC Technical Solutions reserves the right to apply CIRI Shareholder preference to qualified Shareholders in employment and advancement opportunities.

OSC Technical Solutions participates in E-Verify. We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee's Form I-9 to confirm work authorization.

Reasonable Accommodation: OSC Technical Solutions will provide reasonable accommodations, according to applicable state and federal laws, to all qualified individuals with physical or mental disabilities.
In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with OSC Global, LLC or any of its subsidiaries, please email recruiting@ciri.com.
Responsibilities
The Manager of Cybersecurity Governance, Risk and Compliance oversees all aspects of cybersecurity governance, risk management, and compliance with federal mandates. This role includes leading a team of cybersecurity analysts and ensuring adherence to federal regulations and best practices.