Cybersecurity Program/Project Manager – Governance, Risk, & Compliance (GRC)

We are seeking an experienced Cybersecurity Program/Project Manager to lead and coordinate our Governance, Risk, and Compliance (GRC) shared service initiatives. This is a strategic role that requires both a deep understanding of cybersecurity risk management and expert-level program management skills. You will drive enterprise-wide GRC efforts and ensure the successful delivery of security compliance and risk programs aligned with industry frameworks and business objectives.

Key Responsibilities:
• Lead GRC program delivery across a shared services model, serving multiple internal business units and stakeholders.
• Ensure compliance with regulatory and industry standards (e.g., NIST, ISO 27001, FedRAMP, HIPAA, SOC 2).
• Manage and mature governance frameworks, security policies, control testing activities, and risk assessments.
• Coordinate with cross-functional teams to remediate findings, track risk mitigation efforts, and report compliance posture.
• Serve as the primary point of contact for cybersecurity audits, assessments, and executive updates.
• Develop program plans, schedules, risk registers, and performance dashboards for leadership and oversight.
• Promote continuous improvement of GRC processes, tooling, and documentation.

Required Qualifications:
• Bachelor’s degree in Cybersecurity, Information Systems, Business, or a related field.
• Project Management Professional (PMP) certification, Masters, or equivalent
• 5+ years of experience managing complex cybersecurity programs or projects.
• 5+ years of experience leading GRC, risk, or compliance functions within an enterprise environment.
• Strong working knowledge of security frameworks and standards such as NIST CSF, NIST 800-53, ISO 27001, and COBIT.
• Experience with GRC tools (e.g., CSAM, Xacta, Archer, ServiceNow GRC, etc).
• Excellent communication, stakeholder management, and executive reporting skills.

Preferred Qualifications:
• Additional certifications such as CISSP, CISM, CRISC, CGEIT.
• Experience operating in a shared services model or large-scale enterprise environment.
• Familiarity with cloud security compliance frameworks (FedRAMP, ISO 27017/18, AWS/GCP/Azure controls).

Bonus Experience
• Experience in converting wireframes and graphic designs into effective web interfaces.
• Background in UX research, testing, and front-end graphic design.
• Government or DOJ cybersecurity experience, particularly FISMA A&A accreditation.
• Sense of Humor

Why Join Us?
• Take ownership of enterprise-level GRC initiatives that impact organizational security posture.
• Work in a collaborative, growth-oriented cybersecurity team.
• Enjoy a flexible, inclusive work environment with room for advancement.
• Competitive salary, benefits, and professional development support.

Benefits
• 401K safe harbor plan with employer match, 10 paid holidays, 15 days of personal time off, health insurance, commuter benefits, tuition assistance, and more.

Job Type: Full-time

Schedule:
• 8 hour shift
• Monday to Friday

Security clearance:
• Secret (Required)

Work Location: Remote