Risk Manager
ServiceNow · Chicago, Illinois, US
Job description
Company Description

As the Risk Manager on the Digital Technology GRC team, you will play a central role in advancing our federal compliance posture and GRC program maturity. You will guide initiatives related to CMMC (Cybersecurity Maturity Model Certification) Level 2 readiness, NIST framework implementation, and enterprise-wide risk assessment across infrastructure, endpoints, identity, cloud, and data protection domains. You will partner closely with Security Architecture, IT Operations, SecOps, Internal Audit, Legal & Compliance, and Executives to assess risk, implement controls, and ensure our organization meets the rigorous standards required for federal contracting.

You will drive compliance and risk management across key areas such as:

- CMMC 2.0 Level 2 Assessment Readiness & Certification
- NIST SP 800-171 / NIST CSF Control Mapping & Implementation
- Enterprise Risk Assessment & Remediation Planning
- System Security Plans (SSP) & Plan of Action & Milestones (POA&M)
- GRC Process Maturity & Automation
- Federal Compliance Documentation & Evidence Management

This is a high-impact, high-visibility role designed for someone who combines deep knowledge of federal cybersec...