Talent.com
Manager, Governance Risk & Compliance
Manager, Governance Risk & ComplianceThe Johns Hopkins University Applied Physics Laboratory • Laurel, MD, United States
Manager, Governance Risk & Compliance

Manager, Governance Risk & Compliance

The Johns Hopkins University Applied Physics Laboratory • Laurel, MD, United States
30+ days ago
Job type
  • Full-time
Job description

Description

Are you interested in being part of a forward thinking Cybersecurity program?

Are you inquisitive and analytical with expertise in Cybersecurity Governance, Risk, and Compliance?

If so, we 're looking for someone like you to join our team at APL.

We are seeking a Supervisor for our Governance, Risk, and Compliance (GRC) section to provide vision, direction, and leadership for cybersecurity oversight and maintenance of Federal Information Systems Management Act (FISMA) compliant security programs supervise a team of cybersecurity analysts in a matrix organization partnering with cyber architecture & engineering, cyber hunt & incident response, and operational cyber research.

As a cybersecurity subject matter expert, you will support innovation and digital transformation across the Laboratory. Manage our enterprise Vulnerability Management program and proactively identify and lead opportunities to reduce vulnerabilities across IT systems and emerging platforms like cloud and Internet of Things. Use your comprehensive understanding of evolving tactics, techniques, and procedures used by Nation State adversaries to assess and determine risk to the organization. Work with IT compliance stakeholders to assess risks and provide relevant technical guidance in order for stakeholders to make effective decisions.

As the Supervisor for our Governance, Risk, and Compliance (GRC) section you will...

  • Maintain formalized IT Governance framework for APL's unclassified network. Review existing IT compliance controls for regulatory updates and perform necessary gap analysis create and participate in various internal and external audit and compliance activities. Monitor compliance with and develop organizational security policies and procedures for compliance with FISMA and NIST 800-53, NIST 800-171, HIPAA, as well as developing and evolving government regulations. Review and provide input on contracts for compliance. Create and maintain Systems Security Plans and document monitor and report on status of POA&M items. Present briefings to senior management.
  • Develop and enhance processes, work flows, and documentation for monitoring compliance and privacy requirements.
  • Participate in project and cross-functional security teams requiring interaction with system administrators, networking staff, application developers, IT operations staff, and cyber research and development areas within the organization in order to identify and implement information assurance controls and risk mitigation techniques for IT operations.
  • Work effectively with all levels of management and staff and participate in project and cross-functional security teams within the organization in order to identify and implement information assurance controls and risk mitigation techniques for IT operations and evolve cyber security awareness and training programs. Work with internal, industry and third party IT security partners to stay current on industry trends, controls and security technologies and services. Collaborate with other organizations to maintain knowledge and leverage best practices. Provide routine reporting on goals and objectives to management.
  • Establish strong relationships with staff, improve morale, conduct coaching, promote career growth, manage performance, and participate in recruiting and other line supervision activities as a member of the department 's extended management team.

Qualifications

You meet our minimum requirements if you...

  • Hold a Bachelor 's degree in Information Systems, Computer Science, Cybersecurity or equivalent years of relevant professional IT work experience.
  • Have 7+ years of hands-on operational IT cybersecurity experience.
  • Have an understanding of attack methodologies used by Nation State actors and the ATT&CK matrix to effectively assess risk with a pplied knowledge of NIST 800-53, NIST 800-171, and HIPAA regulations.
  • Have experience running vulnerability analysis tools, like Nessus, Qualys, or Rapid7.
  • Have experience with data analysis using tools like, Splunk, ELK, or SQL.
  • Have experience in assessing cloud technologies such as Amazon Web Services or Microsoft Azure.
  • Have 5+ years in management / supervision in an operational cybersecurity role.
  • Are able to self-direct and work independently as necessary.
  • Possess exceptional analytical and problem-solving skills.
  • Are an articulate and effective communicator with the ability to engage all levels of staff and management.
  • Possess a proven track record of successfully leading, coaching, and motivating direct reports in solving complex problems.
  • Are able to obtain a Secret level security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.

    • You go above and beyond our minimum requirements if you...

  • Hold a Master's degree in Information Systems, Computer Science, or related field.
  • Have experience with supporting cybersecurity operation center processes and tools.
  • Have experience running IT projects involving at least 10 people.
  • Possess certifications such as CISSP, CISSP-ISSEP, or SANS GIAC Security Essentials.
  • Have extensive experience in cloud technologies such as Amazon Web Services or Microsoft Azure.

    • About Us

    Why Work at APL?

    The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation's most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates.

    At APL, we celebrate our differences of perspectives and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work / life balance. APL's campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at http : / / www.jhuapl.edu / careers .

    All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law. APL is committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contact Accommodations@jhuapl.edu .

    The referenced pay range is based on JHU APL's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education / training and skill level with consideration for internal parity. For salaried employees scheduled to work less than 40 hours per week, annual salary will be prorated based on the number of hours worked. APL may offer bonuses or other forms of compensation per internal policy and / or contractual designation. Additional compensation may be provided in the form of a sign-on bonus, relocation benefits, locality allowance or discretionary payments for exceptional performance. APL provides eligible staff with a comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development. Applications are accepted on a rolling basis.

    Minimum Rate

    $105,000 Annually

    Maximum Rate

    $265,000 Annually

    Create a job alert for this search

    Compliance Manager • Laurel, MD, United States

    Related jobs
    Risk Manager

    Risk Manager

    Coinbase • Washington, DC, United States
    Full-time
    Ready to be pushed beyond what you think you’re capable of?.At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, ...Show more
    Last updated: 17 days ago • Promoted
    PAC & Government Relations Manager – DC, Compliance

    PAC & Government Relations Manager – DC, Compliance

    Nashville Public Radio • Washington, DC, United States
    Full-time
    A diversified company in Washington, DC is seeking a skilled professional to lead their Political Action Committee operations. The successful candidate will manage PAC activities, ensure compliance ...Show more
    Last updated: 4 days ago • Promoted
    Manager - Risk Management

    Manager - Risk Management

    UHS • Washington, DC, United States
    Full-time
    Cedar Hill Regional Medical Center.Cedar Hill Regional Medical Center GW Health is the first new full-service hospital in Washington, DC in more than 20 years, integrating clinical care with existi...Show more
    Last updated: 17 days ago • Promoted
    Contractual Deal Strategy, Contracting and Risk Support Senior Manager - National_Office

    Contractual Deal Strategy, Contracting and Risk Support Senior Manager - National_Office

    Virginia Staffing • Washington, DC, US
    Full-time
    The National Office, a key strategic enabler in our new model, is comprised of professionals with various areas of focus that collectively provide mission critical services to support Deloittes ove...Show more
    Last updated: 5 days ago • Promoted
    Head of Governance, Risk and Controls

    Head of Governance, Risk and Controls

    FGS Global • Washington, DC, US
    Full-time
    We are recruiting for the Head of GRC to join our Information Security team based in London, Frankfurt, New York or Washington DC. Based in fabulous city centre offices, with a fantastic team, FGS i...Show more
    Last updated: 1 day ago • Promoted
    Senior Program Manager, Fraud Prevention & Payment Risk

    Senior Program Manager, Fraud Prevention & Payment Risk

    Mesa • Washington, DC, US
    Full-time
    Senior Program Manager, Fraud Prevention & Payment Risk.Mesa is on a mission to make homeownership more affordable and rewarding. Led by a world-class team of repeat founders and fintech operators f...Show more
    Last updated: 30+ days ago • Promoted
    Third-Party Risk Assurance Manager

    Third-Party Risk Assurance Manager

    Cotton & CO • Alexandria, VA, United States
    Full-time
    Third Party Risk Assurance Manager - (Remote, US).What to expect when you join the Sikich family.Team members at Sikich have a lot in common while also being part of a rich and varied group of cont...Show more
    Last updated: 10 days ago • Promoted
    Ethics and Compliance Program Manager

    Ethics and Compliance Program Manager

    ACS • Washington, DC, US
    Full-time
    Ethics And Compliance Program Manager.Reporting to the Global Head of Ethics & Compliance, the Program Manager will play a critical role in supporting ethical sourcing, operational assurance progra...Show more
    Last updated: 28 days ago • Promoted
    Manager, Security Governance Risk and Compliance

    Manager, Security Governance Risk and Compliance

    KPMG US • Washington, DC, United States
    Full-time
    Manager, Security Governance Risk and Compliance.Join KPMG US as a Manager, Security Governance Risk and Compliance.This is a remote work opportunity. Apply a thorough knowledge of risk, compliance ...Show more
    Last updated: 10 days ago • Promoted
    Health Care Disputes - Compliance Risk Adjustment, Senior Director - Senior Director

    Health Care Disputes - Compliance Risk Adjustment, Senior Director - Senior Director

    Ankura • Washington, DC, US
    Full-time
    Ankura is a team of excellence founded on innovation and growth.Ankura's Disputes & Economics professionals are world class and globally recognized independent experts who tailor financial, operati...Show more
    Last updated: 30+ days ago • Promoted
    Manager

    Manager

    Panera • Sykesville, MD, US
    Full-time
    Provide Manager services in Eldersburg, Maryland, United States learn more about this role and apply.Show more
    Last updated: 26 days ago • Promoted
    Risk Adjustment Senior Manager

    Risk Adjustment Senior Manager

    Accenture • Arlington, VA, United States
    Full-time
    Accenture is a leading global professional services company that helps the world's leading businesses, governments and other organizations build their digital core, optimize their operations, accel...Show more
    Last updated: 2 days ago • Promoted
    Risk Manager

    Risk Manager

    Samprasoft • Washington, DC, US
    Full-time
    As a risk manager with our Randstad client in Washington, DC, you will play a critical role in supporting the development and execution of the program's risk management strategy.Show more
    Last updated: 30+ days ago • Promoted
    Policy and Compliance Manager

    Policy and Compliance Manager

    Peraton • Washington, DC, US
    Full-time
    Join Peraton in advancing the safety, efficiency, and modernization of the National Airspace System (NAS) through the FAA's Brand New Air Traffic Control System (BNATCS) contract.As a trusted partn...Show more
    Last updated: 22 days ago • Promoted
    Director - Cybersecurity

    Director - Cybersecurity

    Five Guys • Alexandria, VA, United States
    Full-time
    The Director - Cybersecurity is responsible for leading Five Guys cybersecurity strategy, governance, and operations to protect critical assets, data, and infrastructure. This executive-level role o...Show more
    Last updated: 17 days ago • Promoted
    Sr. Manager Cybersecurity (Fusion Officer)

    Sr. Manager Cybersecurity (Fusion Officer)

    Washington Metro • Alexandria, VA, United States
    Full-time +1
    Manager Cybersecurity (Fusion Officer).Department Marketing Statement : .The Washington Metropolitan Area Transit Authority (Metro) is building a state-of-the-art cybersecurity program to better prot...Show more
    Last updated: 8 days ago • Promoted
    Cybersecurity Lead Manager

    Cybersecurity Lead Manager

    ASRC Federal Holding Company • Alexandria, VA, United States
    Full-time
    ASRC Federal is a leading government contractor furthering missions in space, public health and defense.As an Alaska Native owned corporation, our work helps secure an enduring future for our share...Show more
    Last updated: 17 days ago • Promoted
    Manager, Cybersecurity Governance and Risk

    Manager, Cybersecurity Governance and Risk

    Next Step Systems LTD • Washington, DC, United States
    Full-time
    Manager, Cybersecurity Governance and Risk, Washington, DC.The Manager, Cybersecurity Governance and Risk will lead IT risk management (ITRM) initiatives to increase the transparency of risk impact...Show more
    Last updated: 13 days ago • Promoted