Talent.com
Manager, Governance Risk & Compliance
Manager, Governance Risk & ComplianceThe Johns Hopkins University Applied Physics Laboratory • Laurel, MD, United States
Manager, Governance Risk & Compliance

Manager, Governance Risk & Compliance

The Johns Hopkins University Applied Physics Laboratory • Laurel, MD, United States
6 hours ago
Job type
  • Full-time
Job description

Description

Are you interested in being part of a forward thinking Cybersecurity program?

Are you inquisitive and analytical with expertise in Cybersecurity Governance, Risk, and Compliance?

If so, we 're looking for someone like you to join our team at APL.

We are seeking a Supervisor for our Governance, Risk, and Compliance (GRC) section to provide vision, direction, and leadership for cybersecurity oversight and maintenance of Federal Information Systems Management Act (FISMA) compliant security programs supervise a team of cybersecurity analysts in a matrix organization partnering with cyber architecture & engineering, cyber hunt & incident response, and operational cyber research.

As a cybersecurity subject matter expert, you will support innovation and digital transformation across the Laboratory. Manage our enterprise Vulnerability Management program and proactively identify and lead opportunities to reduce vulnerabilities across IT systems and emerging platforms like cloud and Internet of Things. Use your comprehensive understanding of evolving tactics, techniques, and procedures used by Nation State adversaries to assess and determine risk to the organization. Work with IT compliance stakeholders to assess risks and provide relevant technical guidance in order for stakeholders to make effective decisions.

As the Supervisor for our Governance, Risk, and Compliance (GRC) section you will...

  • Maintain formalized IT Governance framework for APL's unclassified network. Review existing IT compliance controls for regulatory updates and perform necessary gap analysis create and participate in various internal and external audit and compliance activities. Monitor compliance with and develop organizational security policies and procedures for compliance with FISMA and NIST 800-53, NIST 800-171, HIPAA, as well as developing and evolving government regulations. Review and provide input on contracts for compliance. Create and maintain Systems Security Plans and document monitor and report on status of POA&M items. Present briefings to senior management.
  • Develop and enhance processes, work flows, and documentation for monitoring compliance and privacy requirements.
  • Participate in project and cross-functional security teams requiring interaction with system administrators, networking staff, application developers, IT operations staff, and cyber research and development areas within the organization in order to identify and implement information assurance controls and risk mitigation techniques for IT operations.
  • Work effectively with all levels of management and staff and participate in project and cross-functional security teams within the organization in order to identify and implement information assurance controls and risk mitigation techniques for IT operations and evolve cyber security awareness and training programs. Work with internal, industry and third party IT security partners to stay current on industry trends, controls and security technologies and services. Collaborate with other organizations to maintain knowledge and leverage best practices. Provide routine reporting on goals and objectives to management.
  • Establish strong relationships with staff, improve morale, conduct coaching, promote career growth, manage performance, and participate in recruiting and other line supervision activities as a member of the department 's extended management team.

Qualifications

You meet our minimum requirements if you...

  • Hold a Bachelor 's degree in Information Systems, Computer Science, Cybersecurity or equivalent years of relevant professional IT work experience.
  • Have 7+ years of hands-on operational IT cybersecurity experience.
  • Have an understanding of attack methodologies used by Nation State actors and the ATT&CK matrix to effectively assess risk with a pplied knowledge of NIST 800-53, NIST 800-171, and HIPAA regulations.
  • Have experience running vulnerability analysis tools, like Nessus, Qualys, or Rapid7.
  • Have experience with data analysis using tools like, Splunk, ELK, or SQL.
  • Have experience in assessing cloud technologies such as Amazon Web Services or Microsoft Azure.
  • Have 5+ years in management / supervision in an operational cybersecurity role.
  • Are able to self-direct and work independently as necessary.
  • Possess exceptional analytical and problem-solving skills.
  • Are an articulate and effective communicator with the ability to engage all levels of staff and management.
  • Possess a proven track record of successfully leading, coaching, and motivating direct reports in solving complex problems.
  • Are able to obtain a Secret level security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.

    • You go above and beyond our minimum requirements if you...

  • Hold a Master's degree in Information Systems, Computer Science, or related field.
  • Have experience with supporting cybersecurity operation center processes and tools.
  • Have experience running IT projects involving at least 10 people.
  • Possess certifications such as CISSP, CISSP-ISSEP, or SANS GIAC Security Essentials.
  • Have extensive experience in cloud technologies such as Amazon Web Services or Microsoft Azure.

    • About Us

    Why Work at APL?

    The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation's most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates.

    At APL, we celebrate our differences of perspectives and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work / life balance. APL's campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at http : / / www.jhuapl.edu / careers .

    All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law. APL is committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contact Accommodations@jhuapl.edu .

    The referenced pay range is based on JHU APL's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education / training and skill level with consideration for internal parity. For salaried employees scheduled to work less than 40 hours per week, annual salary will be prorated based on the number of hours worked. APL may offer bonuses or other forms of compensation per internal policy and / or contractual designation. Additional compensation may be provided in the form of a sign-on bonus, relocation benefits, locality allowance or discretionary payments for exceptional performance. APL provides eligible staff with a comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development. Applications are accepted on a rolling basis.

    Minimum Rate

    $105,000 Annually

    Maximum Rate

    $265,000 Annually

    Create a job alert for this search

    Compliance Manager • Laurel, MD, United States

    Related jobs
    Risk Manager

    Risk Manager

    Coinbase • Washington, DC, United States
    Full-time
    Ready to be pushed beyond what you think you’re capable of?.At Coinbase, our mission is to increase economic freedom in the world. It’s a massive, ambitious opportunity that demands the best of us, ...Show more
    Last updated: 18 days ago • Promoted
    Risk Adjustment Senior Manager

    Risk Adjustment Senior Manager

    Virginia Staffing • Washington, DC, US
    Full-time
    Accenture Health Team Opportunity.Accenture is a leading global professional services company that helps the world's leading businesses, governments, and other organizations build their digital cor...Show more
    Last updated: 8 hours ago • Promoted • New!
    Manager - Risk Management

    Manager - Risk Management

    UHS • Washington, DC, United States
    Full-time
    Cedar Hill Regional Medical Center.Cedar Hill Regional Medical Center GW Health is the first new full-service hospital in Washington, DC in more than 20 years, integrating clinical care with existi...Show more
    Last updated: 18 days ago • Promoted
    Contract Accounting Manager

    Contract Accounting Manager

    Adams and Associates, Inc. • Columbia, MD, United States
    Full-time
    Provides oversight of Company’s regional Finance departments.Develops and produces financial tools and reports, both routine and special needs, that will collect, disseminate and analyze operationa...Show more
    Last updated: 26 days ago • Promoted
    Third-Party Risk Assurance Manager

    Third-Party Risk Assurance Manager

    Cotton & CO • Alexandria, VA, United States
    Full-time
    Third Party Risk Assurance Manager - (Remote, US).What to expect when you join the Sikich family.Team members at Sikich have a lot in common while also being part of a rich and varied group of cont...Show more
    Last updated: 11 days ago • Promoted
    Manager, Security Governance Risk and Compliance

    Manager, Security Governance Risk and Compliance

    KPMG US • Washington, DC, United States
    Full-time
    Manager, Security Governance Risk and Compliance.Join KPMG US as a Manager, Security Governance Risk and Compliance.This is a remote work opportunity. Apply a thorough knowledge of risk, compliance ...Show more
    Last updated: 11 days ago • Promoted
    Manager

    Manager

    Panera • Sykesville, MD, US
    Full-time
    Provide Manager services in Eldersburg, Maryland, United States learn more about this role and apply.Show more
    Last updated: 27 days ago • Promoted
    Global Insurance Risk Manager

    Global Insurance Risk Manager

    CoreWeave • Washington, DC, United States
    Full-time
    CoreWeave is The Essential Cloud for AI™.Built for pioneers by pioneers, CoreWeave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence....Show more
    Last updated: 8 hours ago • Promoted • New!
    E&C Program Effectiveness Senior Manager

    E&C Program Effectiveness Senior Manager

    PwC (US) • Washington, DC, US
    Full-time
    Senior Manager, Ethics & Compliance Program Effectiveness.At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and ...Show more
    Last updated: 5 days ago • Promoted
    Capture Director, DNS

    Capture Director, DNS

    eSimplicity Inc • Columbia, MD, United States
    Full-time
    Simplicity is a modern digital services company that partners with government agencies to improve the lives and protect the well-being of all Americans, from veterans and service members to childre...Show more
    Last updated: 4 days ago • Promoted
    Remote Audit Senior Manager (Digital Assets / Crypto / Exchange / Treasury / Blockchain)

    Remote Audit Senior Manager (Digital Assets / Crypto / Exchange / Treasury / Blockchain)

    BDO USA • Washington, DC, US
    Remote
    Full-time
    The Assurance Senior Manager is responsible for developing suggestions to improve client internal controls and accounting procedures as well as advising the client on various economic and regulator...Show more
    Last updated: 30+ days ago • Promoted
    Risk Manager

    Risk Manager

    Samprasoft • Washington, DC, US
    Full-time
    As a risk manager with our Randstad client in Washington, DC, you will play a critical role in supporting the development and execution of the program's risk management strategy.Show more
    Last updated: 30+ days ago • Promoted
    Policy and Compliance Manager

    Policy and Compliance Manager

    Peraton • Washington, DC, US
    Full-time
    Join Peraton in advancing the safety, efficiency, and modernization of the National Airspace System (NAS) through the FAA's Brand New Air Traffic Control System (BNATCS) contract.As a trusted partn...Show more
    Last updated: 23 days ago • Promoted
    Manager Information Security & Risk Management

    Manager Information Security & Risk Management

    Highmark Health • Washington, DC, United States
    Full-time
    This job provides Information Security and Risk Management services for the Organization.Works with peers within security, HM Health Solutions customers and application teams to ensure alignment wi...Show more
    Last updated: 30+ days ago • Promoted
    Director - Cybersecurity

    Director - Cybersecurity

    Five Guys • Alexandria, VA, United States
    Full-time
    The Director - Cybersecurity is responsible for leading Five Guys cybersecurity strategy, governance, and operations to protect critical assets, data, and infrastructure. This executive-level role o...Show more
    Last updated: 18 days ago • Promoted
    Manager, Cybersecurity Governance and Risk

    Manager, Cybersecurity Governance and Risk

    Next Step Systems LTD • Washington, DC, United States
    Full-time
    Manager, Cybersecurity Governance and Risk, Washington, DC.The Manager, Cybersecurity Governance and Risk will lead IT risk management (ITRM) initiatives to increase the transparency of risk impact...Show more
    Last updated: 14 days ago • Promoted
    Manager

    Manager

    IICRC • Sykesville, MD, US
    Full-time
    The manager will be responsible for driving and directing business operations to ensure productivity and excellence in client service. The General Manager will be required to manage the franchise st...Show more
    Last updated: 30+ days ago • Promoted
    Sanctions Director - Head of Banking Client Risk Management & Advisory (Hybrid)

    Sanctions Director - Head of Banking Client Risk Management & Advisory (Hybrid)

    Citigroup • Washington, DC, US
    Full-time
    Sanctions Director - Head of Banking Client Risk Management & Advisory (Hybrid).Working at Citi is far more than just a job. A career with us means joining a team of more than 230,000 dedicated peop...Show more
    Last updated: 2 days ago • Promoted