Talent.com
Security Compliance Manager

GDIT(VAHOME), Office, Home, VA, USA
30+ days ago
Job type
  • Full-time
Job description

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do.

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. As a Security Compliance Manager, you will lead our security team in solving challenging problems for our client, the Division of Federal Systems (DFS) for the Office of Child Support Services (OCSS) under Health and Human Services (HHS) Administration for Children & Families (ACF).

Our team provides program support to DFS OCSS to manage and monitor the development, implementation, operation, maintenance, technical support, and enhancement of the division’s systems and services. Federal Parent Locator Service (FPLS) information is, by statute, made available to child support agencies and a limited number of federal and state agencies. These secure systems and services help child support agencies, employers, insurers, and financial institutions exchange information about child support cases; locate parents; establish paternity, custody and visitation; collect support; and identify fraud.

Currently, this role is hybrid. When on-site traveling is required, the work location for this position is the Department of Health and Human Services Mary Switzer Building near Federal Center Southwest in Washington, D.C.

This role’s core responsibilities include, but are not limited to, the following :

People Management :

  • Lead and develop a high-performing security team of 3-4 FTEs to ensure compliance with security standards, while maintaining strong, proactive relationships with customers to meet their unique needs effectively
  • Serve as the primary point of contact for all client interactions, emphasizing strategic oversight and exemplary service to align with both organizational goals and customer expectations
  • Lead team meetings and represent security in Governance, Technical Operations, Change Advisory Board, and Technical Review Boards

Federal Systems, Security & Compliance Governance :

  • Develop and enforce security policies and procedures in compliance with Federal mandates, OMB, NIST standards, HHS / ACF & FPLS security requirements, and customer guidance regarding zero trust, supply chain, risk management, vulnerability management, etc.
  • Industry Knowledge : Stay abreast of emerging trends, technologies, and regulatory changes in the federal security compliance landscape and provide recommendations for adapting policies and procedures accordingly

Security Authorization :

  • Security Control Monitoring : Continuously monitor the implementation of security controls by collaborating with stakeholders, conducting regular internal assessments / audits, and recommending corrective actions as needed.
  • Provide guidance to the design and development teams on security issues and assist as needed in the development of security documentation (specifically, System Security Plan (SSP)) for Security Authorization
  • Assist the FPLS ISSO, FPLS ITSSO and Technical Manager to ensure that FPLS upholds all security requirements to maintain the ACF Authority to Operate

Risk Management :

  • Provide oversight to ensure comprehensive risk assessments and vulnerability scanning are performed across the system portfolio to identify potential vulnerabilities and weaknesses in the organization's security posture
  • Participate in routine and on-demand system and application vulnerability scanning, document findings and recommendations, and present analysis of results to stakeholders
  • Document and track internal POAMs for DFS systems and applications

Incident Response & Reporting :

  • Maintain Incident Response (IR) Plan
  • Develop comprehensive reports detailing the nature and impact of each data incident and ensure timely notification to senior management and relevant government officials
  • Monitor and track data incidents through remediation and closure
  • Collaborate with internal teams and external stakeholders to effectively manage and resolve data incidents, ensuring adherence to established protocols and regulatory requirements
  • Utilize root cause analyses to enhance incident response procedures, mitigate risks, improve overall data security posture, and minimize the risk of recurring incidents
  • Maintain accurate and comprehensive records of all data incidents, including incident details, response actions, and outcomes
  • Ensure proper documentation of incident resolution, lessons learned, and recommended preventive measures

Audits & Compliance :

  • Plan and execute regular audits to assess compliance with federal security standards and regulatory requirements
  • Support the Security Team in responding to external audits conducted by the HHS Inspector General (IG), Internal Revenue Service (IRS) and other Federal agencies as required
  • Support systems security evaluations, audits, and reviews.
  • Prioritize and coordinate the resolution of audit findings.

Contingency Planning / Disaster Recovery :

  • Maintain and update IT contingency plans and disaster recovery procedures.
  • Support DR exercises (tabletop, functional, etc.)

Security Site Assessments :

  • Lead security site assessments conducted on data-matching partner sites and FPLS contractor sites. This includes planning, reviewing relevant documents, writing comprehensive reports, and reviewing / responding to Plans of Action and Milestones (POAMs)
  • Questionnaire Review : Review questionnaires submitted by our matching partners to assess their adherence to security controls and requirements.
  • Conduct kickoff meetings and virtual audits to validate the implementation of appropriate security measures

Security Awareness Training :

  • Manage security trainings to educate staff on federal security requirements and best practices, ensuring that all training meets the compliance standards set by ACF, HHS, and the IRS
  • Assist in the development and delivery of Security Awareness Training as required

Stakeholder Communication :

  • Communicate effectively with various stakeholders, including senior management, IT teams, legal teams, and external auditors, to convey compliance issues, risks, and remediation plans.
  • Support the client in communicating and publishing security alerts, advisories, and bulletins as necessary
  • Documentation : Maintain accurate and up-to-date documentation of compliance activities, audit findings, and remediation efforts.

Technology :

  • Proficiency or familiarity with project management tools, particularly Jira, is preferred. The ability to effectively utilize Jira for task tracking, issue management, and collaboration is highly desirable.

WHAT YOU’LL NEED TO SUCCEED :

  • Bachelor's degree in Computer Science, Information Systems, or in a related field
  • Minimum of 5 years of experience working as a Federal Security Compliance Analyst, with at least 5 years of leadership experience in managing teams
  • 2 years of security compliance experience (NIST, FedRAMP, FISMA, OMB, ZTA, Supply Chain knowledge)

PREFERRED QUALIFICATIONS :

  • Relevant security certifications (e.g., CISSP, CISM, CISA) are highly desirable

GDIT IS YOUR PLACE :

  • 401K with company match
  • Comprehensive health and wellness packages
  • Internal mobility team dedicated to helping you own your career
  • Professional growth opportunities including paid education and certifications
  • Cutting-edge technology you can learn from
  • Rest and recharge with paid vacation and holidays

The likely salary range for this position is $140,250 - $189,750. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours : 40

Travel Required : Less than 10%

Telecommuting Options : Hybrid

Work Location : USA DC Home Office (DCHOME)
