General Atomics (GA), and its affiliated companies, is one of the world’s leading resources for high-technology systems development ranging from the nuclear fuel cycle to remotely piloted aircraft, airborne sensors, and advanced electric, electronic, wireless and laser technologies.
We have an exciting opportunity for a Cybersecurity Compliance Program Manager to join our Information Technology Services (ITS) Information Assurance team.
Reporting directly to the Senior Manager of IT Governance, Risk and Compliance, this role will support the IT compliance activities of the organization. With general supervision, this position is responsible for supporting the development and implementation of cybersecurity compliance programs and related procedures.
DUTIES AND RESPONSIBILITIES:
- Develop, implement, and maintain IT compliance programs, policies, and procedures in accordance with relevant regulations, including but not limited to:
  - NIST Special Publications (e.g., NIST 800-171 Revisions 2, 3)
  - DFARS (Defense Federal Acquisition Regulation Supplement)
  - FAR (Federal Acquisition Regulation)
  - CMMC (Levels 1 through 3)
  - ISO 27000 Series
- Conduct regular internal assessments to evaluate the effectiveness of IT controls and identify areas for improvement.
- Manage external audits by government agencies (e.g., DCAA, DCMA) or third-party assessors.
- Work with IT, security, and other departments to ensure that systems and processes are designed and implemented to meet compliance requirements.
- Maintains knowledge of applicable policies, regulations, and compliance documents related to cybersecurity and information assurance.
- Participates in assessments of information technology systems; ensures periodic system security reviews are conducted and documented.
- Provides input to a cybersecurity awareness training program that is engaging and influences changes in employees’ behavior.
- Develops appropriate electronic and hard copy reports and records, including new or revised electronic or hard copy documentation.
- Create compliance-related presentations for internal stakeholders as needed.
- Monitor changes in regulations and update policies and procedures accordingly.
- Serve as a point of contact for IT compliance-related inquiries.
- Investigate and address any compliance violations or incidents.
- Maintain the strict confidentiality of sensitive information.
- Embraces continuous learning with a passion to keep abreast of changes in regulatory and technology environments.
- Responsible for observing all laws, regulations, and other applicable obligations wherever and whenever business is conducted on behalf of the Company.
- Responsible for ensuring work is accomplished in a safe manner in accordance with established operating procedures and practices.
We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.