Talent.com
Security Policy and Compliance Manager

Cybervance, Washington, DC, United States
7 days ago
Job type
  • Full-time
Job description

Overview

Position Title: Security Policy and Compliance Manager

Location: On Site - Washington, D.C.

Clearance Required: Public Trust

Cybervance is a rapidly growing information security and information technology company in Washington, D.C., and we are an equal opportunity employer that designs, develops, and manages the successful execution of training programs for government and private sector organizations. Cybervance believes in creating innovative solutions to deliver measured results.

Cybervance is seeking a highly skilled Security Policy and Compliance Lead to support our federal customer in ensuring security standards, policies, and regulatory requirements are met across enterprise systems.

The Security Policy and Compliance Lead will be responsible for developing, maintaining, and overseeing security documentation, implementing and assessing security controls, and leading risk management efforts in alignment with NIST and federal standards. The ideal candidate will bring hands-on expertise in security authorization and assessment (A&A), continuous monitoring, and policy oversight, coupled with strong leadership skills and the ability to communicate effectively with both technical and executive stakeholders.

Responsibilities

  • Develop, maintain, and manage security documentation required for the Authorization and Accreditation (A&A) package, including System Security Plans (SSPs), Contingency Plans (CPs), and Security Assessment Reports (SARs).
  • Provide oversight and development of Plans of Action and Milestones (POA&Ms) and ensure timely remediation of identified risks.
  • Lead and perform all continuous monitoring activities, ensuring security controls remain effective and compliant with federal regulations.
  • Conduct and document risk assessments based on NIST standards, ensuring that system design and implementation sufficiently mitigate Information Assurance (IA) risks.
  • Implement, assess, and validate NIST SP 800-53A security controls for federal agencies, ensuring systems achieve and maintain compliance.
  • Apply advanced risk management techniques to identify vulnerabilities and provide recommendations for mitigation strategies.
  • Collaborate with technical teams to integrate security into system development life cycles and operational processes.
  • Utilize data analysis, data mining, and business intelligence techniques to correlate data from disparate sources, identify trends, and create informative risk/compliance dashboards and visualizations.
  • Provide guidance on security policy, compliance requirements, and audit readiness to technical and business stakeholders.
  • Stay current with evolving federal security requirements, emerging technologies, and industry best practices to maintain a compliance posture.

Required Skills and Experience

  • At least 5 years of hands-on experience developing required A&A documentation (SSP, CP, SAR) and overseeing POA&Ms, with continuous monitoring responsibilities performed within the last three years.
  • CISSP certification required.
  • Minimum of 5 years’ experience implementing NIST 800-53A security controls in federal environments.
  • Strong expertise in applying risk management frameworks and conducting risk assessments in accordance with NIST standards.
  • 1+ years of experience working with data structures, data mining, and business intelligence, including correlating disparate data sources and creating data-driven visualizations.
  • Strong understanding of federal security and compliance requirements (e.g., NIST RMF, FISMA, FedRAMP).
  • Excellent written and verbal communication skills, with proven ability to prepare clear, concise, and compliant documentation.
  • Strong analytical and problem-solving skills with attention to detail.
  • Ability to collaborate effectively across technical, compliance, and executive teams.

Education and Certifications

  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field (or equivalent experience).
  • CISSP certification required.
  • Additional certifications such as CISM, CISA, CAP, or Security+ are desirable.