Manager - Cyber Risk & Compliance

The Cyber Risk & Compliance Manager is responsible for supporting GDIT’s audit and compliance processes. This position will report directly to the Sr. Manager IT Risk & Compliance and work closely with General Dynamics internal audit, external auditors, and key process/control owners throughout the organization to maintain effective, consistent and cost-efficient IT control processes across multiple regulatory requirements.

HOW YOU WILL MAKE AN IMPACT:

• Partner with internal and external auditors to support Cyber control assessments and help facilitate testing plans and support initiatives related to internal controls, compliance requirements, privacy, and cyber initiatives
• Oversee program for continuous monitoring of Cyber, IT and Artificial Intelligence risk
• Support contract and cyber regulatory compliance to home office functions, programs, and divisions (e.g., Defense, FedCiv, IHS) where applicable
• Provide and coordinate the delivery of relevant awareness training to control and process owners
• Oversee Cyber Control Self Assessments (CSA) process and maintain control and process owner matrix
• Manage Cyber remediation plans through escalation and completion
• Assist with the acquisition, implementation and maintenance of a Governance Risk and Compliance (GRC) tool.
• Prepare and present status to Cyber Risk & Compliance team and CISO when needed

WHAT YOU’LL NEED TO SUCCEED:

• Bachelors degree OR in lieu of degree, an additional 4+ years of professional training or work experience is required
• Possess at least one related professional certification e.g.: CISSP, CISA, CISM
• Minimum five (5) years experience in Governance, Risk, and Compliance roles for Cyber or IT
• Experience in cyber security and privacy regulatory controls frameworks such as Cybersecurity Maturity Model Certification (CMMC), NIST 800-171, NIST Risk Management Framework, ISO 27001, ISO 28001, etc.
• Strong knowledge of IT general controls, audit methodologies and Cyber compliance issues
• Strong data analysis experience and skills; must be able to dive deep into data, call out trends, and make recommendations to influence results
• Proven ability to independently evaluate controls over Cyber and/or IT processes
• Able to assert own ideas and actively demonstrate influencing skills to persuade others at all levels in the company
• Excellent written and verbal communication skills; must be able to succinctly and accurately articulate information and data
• Previous experience executing Cyber or IT Governance, Risk & Compliance initiatives
• US Persons required
• Preferred experience in government contract industry
• Preferred experience in Artificial Intelligence risk

GDIT IS YOUR PLACE:

• Full-flex work week to own your priorities at work and at home
• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays