Cybersecurity Policy & Compliance Manager

Req ID: 39051

Summary

Cybersecurity Policy & Compliance Manager

Huntsville, Alabama

Are you ready to enhance your skills and build your career in a rapidly evolving business climate? Are you looking for a career where professional development is embedded in your employer's core culture? If so, Chenega Military, Intelligence & Operations Support (MIOS) could be the place for you! Join our team of professionals who support large-scale government operations by leveraging cutting-edge technology and take your career to the next level!

Chronos Operations (CO) is a wholly-owned subsidiary of Chenega Corporation, an Alaska Native Corporation based in Anchorage, AK. Belonging to the Military, Intelligence, and Operations Support (MIOS) Strategic Business Unit (SBU), Chronos has a culture rooted in integrity, respect, and exceptional performance. Chronos is headquartered in Colorado Springs, CO, and provides mission-critical services in Advanced Analytics & AI, Software Engineering, Cybersecurity, Information Technology, and Intelligence.

The Cybersecurity Policy & Compliance Manager is responsible for leading the development, implementation, and maintenance of cybersecurity policies and compliance programs aligned with Department of Defense (DoD) Army, and NIST requirements.

Responsibilities

• Lead and manage the development, review, maintenance, and enforcement of cybersecurity policies and procedures in accordance with DoD, Army, and NIST source requirements. This includes the creation and oversight of external policies, guidance, and SOPs to support execution of the command's cybersecurity program through an established policy development framework.
• Provide Communication Security governance and compliance reporting to maintain security of encapsulation and encryption devices.
• Develop a Knowledge Management Plan to capture data and provide business intelligence and data analysis related to COMSEC functions.
• Provide exercise support to validate the security of systems accredited by the Authorizing Official and/or Privacy Official.
• Develop additional technical and managerial cybersecurity training plans, guides and materials to enable workforce knowledge and compliance.
• Integrate implementation by mapping requirements into workflows, tracking tools and milestone events (e.g., ATO packages, CONMON cycles, system upgrades).
• Work closely with Government stakeholders-including ISSMs, AODRs, system owners, and command leadership-to validate interpretations, prioritize actions, and maintain alignment with mission.
• Present vulnerability assessment results, control validation findings and mission impact analyses.
• Deliver after-action reports from control validation, including prioritized POA&M recommendations.
• Identify workforce skill gaps and propose targeted training aligned with DoD 8140 NIST NICE categories, as needed.
• Manage and supervise staff, evaluate employee performance, and recommend or initiate promotions, transfers, and disciplinary action.
• Review IT documentation to ensure it meets company standards and applicable regulatory requirements.
• Evaluate IT process deficiencies and recommend new controls to fix issues.
• Analyze new processes to ensure they are properly implemented.
• Maintain company documentation as changes need to be made.
• Maintain knowledge of applicable regulations to ensure company remains in compliance.
• Ensure audit evidence is kept and can be provided to auditors.
• Follow up on audit findings to ensure the proper corrective actions are taken.
• Conduct presentations on new policies and issues of non-compliance.
• May recruit, hire, train staff, evaluate employee performance, and recommend or initiate promotions, transfers, and disciplinary action.
• Ensure that AMC systems, networks, and operations adhere to federal cybersecurity regulations, including the Risk Management Framework (RMF) and other applicable standards.
• Collaborate with technical and operational teams to assess risk, enforce policy, and maintain a robust cybersecurity posture across the command.
• Oversee RMF compliance activities, including system categorization, control selection, implementation, assessment, and authorization.
• Conduct internal audits and assessments to ensure adherence to cybersecurity standards and identify areas for improvement.
• Coordinate with system owners and other stakeholders to ensure cybersecurity requirements are integrated throughout the system lifecycle.
• Monitor changes in federal cybersecurity regulations and update internal policies accordingly.
• Manage documentation for cybersecurity compliance.
• Provide guidance and training to staff on cybersecurity policy and compliance requirements.
• Serve as liaison with external auditors, DOD cybersecurity authorities, and other oversight bodies.
• Support incident response activities and ensure proper documentation and reporting of cybersecurity events.
• Maintain awareness of emerging threats, technologies, and best practices in cybersecurity governance.
• Other duties as assigned.

Qualifications

• Bachelor's degree in computer science, Engineering, Cyber Security or equivalent experience in lieu of degree.
• 8+ years of experience in cybersecurity policy writing, compliance or risk management within a DoD or federal environment.
• 5+ years of experience developing and implementing cybersecurity policies in a military or government setting
• In depth knowledge of DoD cybersecurity frameworks, including RFM, NIST/NISPOM/DoDI 8500
• Must have active certifications like CISSP, CISM. Equivalent certifications is acceptable.
• Must have active Top-Secret Clearance with SCI eligibility

Knowledge, Skills and Abilities:

• Must have experience with eMASS
• Strong understanding of federal cybersecurity regulations and the Privacy Act.
• Expertise in applying RMF across system lifecycles.
• Ability to write clear, actionable cybersecurity policies, procedures and guidance documents.
• Analytical and strong organizational skills, with excellent verbal and written ability.
• Good work ethic and active desire to learn.
• Skillful time management and organizational skills to set and meet deadlines.
• Ability to work both independently and within a team.
• Ability to work effectively in a team environment to encourage collaboration, innovation, and continuous improvement.
• Ability to meet minimum clearance requirements.
• Ability to work nights, weekends, and holidays as required.
• Ability to travel up to 10%.

How you'll grow

At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn.

We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers.

Benefits

At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits.

Learn more about what working at Chenega MIOS can mean for you.

Chenega MIOS's culture

Our positive and supportive culture encourages our team members to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them be healthy, centered, confident, and aware. We offer well-being programs and continuously look for new ways to maintain a culture where we excel and lead healthy, happy lives.

Corporate citizenship

Chenega MIOS is led by a purpose to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our team members, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.

Learn more about Chenega's impact on the world.

Chenega MIOS News- ;br>
Tips from your Talent Acquisition Team

We want job seekers exploring opportunities at Chenega MIOS to feel prepared and confident. To help you with your research, we suggest you review the following links:

Chenega MIOS web site - ;br>
Glassdoor - _IE369514.11,23.htm

LinkedIn - ;br>
Facebook - ;br>
#Chronos Operations, LLC

Chenega Corporation and family of companies is an EOE.

Equal Opportunity Employer/Veterans/Disabled

Native preference under PL 93-638.

We participate in the E-Verify Employment Verification Program