IT Compliance Manager

About Our Team

Our employees thrive in a culture that's fast-paced and ego-free, where innovation and collaboration are encouraged at every turn. We are an organization that provides federal agencies instant access to experienced and talented professionals who understand their unique challenges and know the most efficient ways to address them. We are continually investing in resources and talent, so we stay prepared with specialized teams in the place who are experts in creating tailored technologies. Our solutions empower Federal organizations to grow, modernize, and succeed in a rapidly evolving landscape.

We value all voices and want to attract talent from all backgrounds. We are on the lookout for individuals who are passionate about technology and thrive in environments where problem-solving is approached with creativity and enthusiasm. If you are someone who enjoys continuously expanding your skill set while tackling real-world business problems, you will feel right at home with us. Veterans and military spouses are especially encouraged to bring your unique and valuable experience to our team.

IT Compliance Manager

We are seeking an experienced and driven IT Compliance Manager to join our team. This key role will be responsible for leading the organization through internal and external audits for various industry certifications, including but not limited to ISO 27001 (Information Security Management), ISO 9001 (Quality Management), and CMMC (Cybersecurity Maturity Model Certification) Version 2, Level 2. The ideal candidate will have a strong background in Agile IT Project Management, IT certification compliance, risk assessment, process improvements, and quality assurance. This individual will drive the development and maintenance of documentation, ensure ongoing certification compliance, and manage continuous improvement initiatives across our IT and operational processes.

Key Responsibilities:

• Compliance & Certification Management: Lead the company through internal and external audits for our Integrated Management System (IMS) for ISO 27001, ISO 9001, CMMC Version 2 Level 2, and others as required by the business. Ensure readiness and compliance throughout the certification lifecycle.
• Documentation Development & Management: Create, review, and maintain comprehensive compliance documentation for certifications, including policies, procedures, controls, and work instructions, ensuring they meet the requirements of relevant industry standards.
• Ongoing Compliance Oversight: Oversee compliance with relevant certifications (ISO27001, ISO9001, CMMC, and other applicable standards), ensuring that all IT and business operations align with certification requirements and industry best practices. Manage corrective and preventive actions (CAPA) for any nonconformities.
• Risk Assessment & Mitigation: Lead the identification and assessment of risks related to cybersecurity, quality management, and operational processes. Develop and implement risk mitigation strategies and action plans to address potential compliance gaps.
• Continuous Improvement: Champion continuous improvement initiatives by identifying opportunities to enhance processes, security measures, and quality assurance practices, ensuring alignment with industry standards and evolving business needs.
• Training & Awareness: Develop and deliver training sessions to increase awareness and understanding of compliance requirements, best practices, and security measures across the organization.
• Monitor: Regulatory and contractual requirements, advising leadership on compliance risks.
• Cross-Functional Collaboration: Work closely with cross-functional teams (e.g., IT, legal, security, operations) to align compliance efforts with broader business objectives, ensuring that all compliance requirements are integrated into day-to-day operations.

TAG: INDMJC

TAG: #LI-I4DM

Required Qualifications:

Experience:

• 5+ years of experience in compliance, quality management, and information security.
• Proven experience managing compliance and certification processes and a complete and thorough understanding of ISO 27001, ISO 9001, CMMC, SOC 2, NIST, etc. within an IT or technology-focused environment.
• Background in risk management, quality assurance, process improvements, and implementing compliance frameworks.
• Demonstrated success in preparing for and managing internal and external audits for multiple certifications.

Skills & Competencies:

• In-depth knowledge of multiple compliance frameworks, including ISO27001, ISO9001, CMMC, SOC 2, and NIST.
• Strong understanding of cybersecurity best practices and risk management principles.
• Experience creating, reviewing, and editing technical and compliance documentation.
• Excellent communication and leadership skills, with the ability to work effectively with cross-functional teams and executive leadership.
• Strong organizational skills and the ability to manage multiple projects and priorities simultaneously.
• Experience in federal contracting / defense industry highly desirable.
• Secret clearance eligible.