Senior Cybersecurity & Compliance Manager jobs in United States

Mythics · 7 hours ago

Senior Cybersecurity & Compliance Manager

Mythics is an award-winning Oracle systems integrator and consulting firm, seeking a Senior Cybersecurity and Compliance Manager to lead their internal information security and compliance programs. This role involves managing cybersecurity governance, overseeing risk management, and ensuring compliance with various regulatory frameworks for government clients.

Cloud Data Services, Cloud Infrastructure, Cloud Management, Cloud Security, Consulting, IaaS, Information Technology, PaaS, SaaS
Culture & Values
H1B Sponsor Likely

Responsibilities

Develop and execute a corporate cybersecurity strategy aligned with business objectives, risk appetite, regulatory requirements, and government contracting obligations
Lead the internal security function, including security engineering, security operations, governance, and privacy alignment
Advise the General Counsel and executive leadership team on cyber risk, compliance exposure, and major security decisions
Provide regular reporting to executive leadership, the CEO, and the Board on security posture, risks, incidents, and compliance programs
Responsible for corporate compliance with all government and industry cybersecurity frameworks:
NIST SP 800-171
CMMC (current and emerging versions)
DFARS 252.204-7012 obligations
FAR & agency-specific security clauses for civilian agency support
State and local government IT security requirements
ISO/IEC 27001:2022
PCI-DSS (as applicable)
Oversee the internal Information Security Management System (ISMS) and maintain certification readiness
Lead internal audits, evidence collection, POA&M management, and continuous monitoring
Maintain a current System Security Plan (SSP), risk register, and compliance documentation library
Ensure all contractual cybersecurity clauses and flow-downs are properly implemented across the organization
Lead enterprise security operations, including vulnerability scanning and remediation; endpoint and mobile device security; network and cloud security (Azure/AWS/O365, etc.); identity and access management (IAM/MFA/privileged access); and SIEM, logging, and monitoring
Oversee the enterprise’s incident detection and response program, including tabletop exercises, escalation procedures, after-action reporting, and legally mandated notifications
Ensure secure design and implementation of all internal IT systems, SaaS platforms, and corporate infrastructures
Own and manage the corporate cybersecurity risk management program
Conduct and oversee periodic risk assessments and ensure appropriate risk treatment decisions
Present risk acceptance or mitigation recommendations to the General Counsel and executive team
Ensure cybersecurity is fully integrated with enterprise risk, legal review, and corporate governance processes
Work closely with the General Counsel on regulatory compliance, contract reviews, incident response coordination, data protection and privacy obligations, and government security clauses and reporting
Collaborate with Finance, HR, IT, Sales, and Operations to embed security into enterprise processes, onboarding/offboarding, procurement, and solution development
Support Sales and Contracts on internal security representations (e.g., RFP responses, vendor security reviews)
Oversee third-party risk assessments, due diligence, contract security language, and ongoing monitoring
Ensure that subcontractors, SaaS applications, cloud services, and strategic partners meet internal and client-imposed security requirements
Maintain and enforce vendor security policies and security addenda

Qualification

NIST SP 800-171, CMMC, ISO/IEC 27001:2022, PCI-DSS, Cybersecurity Governance, Risk Management, Incident Response, GRC Programs, Vendor Risk Management, Cloud Security, CISSP, CISM, CRISC, CGEIT, Communication Skills, Decision Making, Integrity

Required

Bachelor's degree in cybersecurity, information technology, business, or related discipline and/or equivalent work experience
8+ years of experience in cybersecurity and information security roles
Direct experience managing internal cybersecurity programs within a government contracting, technology, or professional services organization
Expert-level knowledge of NIST SP 800-171, CMMC, ISO/IEC 27001:2022, DFARS, FAR, and federal agency cybersecurity requirements, state and local government security expectations, and PCI-DSS (where applicable)
Proven ability to lead internal incident response, risk management, and enterprise GRC programs
Senior leader-level communication and ability to articulate cybersecurity risk to legal, operational, and business leaders
Strong decision making, judgment, and ability to prioritize risk in a business-focused environment
Integrity, confidentiality, and composure in handling sensitive or high-impact matters
Deep understanding of federal, state, and local government contracting cybersecurity requirements

Preferred

CISSP
CISM
CRISC
CGEIT
PCI ISA/QSA experience beneficial

Benefits

Comprehensive Health, Dental, and Vision plans
Premier 401k retirement plan with corporate matching and a 529 college savings plan
Tax-advantaged Health Savings Account and Dependent Care Flexible Spending Account options
Legal Resources
Generous work/life balance opportunities supported by a PTO bank, paid holidays, leave programs and additional flex time off
Employee referral program
Employee recognition, gift and reward program
Tuition reimbursement for continuing education
Remote or hybrid work options
Engaging company events such as team building activities, annual awards and kick-off parties
Health and wellness-focused activities
Relaxation Spaces
In-office gourmet coffee, tea, fresh fruit and healthy snacks
Corporate GREEN approach – tracking energy consumption for reduction and purchasing only environmentally friendly products for our offices

Company

Mythics

Mythics is an award-winning Oracle systems integrator, consulting firm, managed services provider, and elite Oracle platinum resale partner representing the entire Oracle product line of cloud, software, support, hardware, engineered systems, and appliances.

H1B Sponsorship

Mythics has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (8)
2022 (2)
2020 (1)

Funding

Current Stage: Late Stage
Total Funding: unknown
2023-01-11: Acquired

Leadership Team

R. Scott LaRose, Co-Founder and Board Member
Kevin M. Hodgkiss, Chief Financial Officer
Company data provided by crunchbase