Chenega MIOS SBU · 22 hours ago
Cybersecurity Policy & Compliance Manager
Huntsville, AL
Full-time
Onsite
Senior Level, Lead/Staff
8+ years expChenega MIOS is a subsidiary of Chenega Corporation that supports large-scale government operations. The Cybersecurity Policy & Compliance Manager is responsible for leading the development, implementation, and maintenance of cybersecurity policies and compliance programs aligned with DoD and NIST requirements.
Defense & Space
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Lead and manage the development, review, maintenance, and enforcement of cybersecurity policies and procedures in accordance with DoD, Army, and NIST source requirements. This includes the creation and oversight of external policies, guidance, and SOPs to support execution of the command’s cybersecurity program through an established policy development framework
Provide Communication Security governance and compliance reporting to maintain security of encapsulation and encryption devices
Develop a Knowledge Management Plan to capture data and provide business intelligence and data analysis related to COMSEC functions
Provide exercise support to validate the security of systems accredited by the Authorizing Official and/or Privacy Official
Develop additional technical and managerial cybersecurity training plans, guides and materials to enable workforce knowledge and compliance
Integrate implementation by mapping requirements into workflows, tracking tools and milestone events (e.g., ATO packages, CONMON cycles, system upgrades)
Work closely with Government stakeholders—including ISSMs, AODRs, system owners, and command leadership—to validate interpretations, prioritize actions, and maintain alignment with mission
Present vulnerability assessment results, control validation findings and mission impact analyses
Deliver after-action reports from control validation, including prioritized POA&M recommendations
Identify workforce skill gaps and propose targeted training aligned with DoD 8140 NIST NICE categories, as needed
Manage and supervise staff, evaluate employee performance, and recommend or initiate promotions, transfers, and disciplinary action
Review IT documentation to ensure it meets company standards and applicable regulatory requirements
Evaluate IT process deficiencies and recommend new controls to fix issues
Analyze new processes to ensure they are properly implemented
Maintain company documentation as changes need to be made
Maintain knowledge of applicable regulations to ensure company remains in compliance
Ensure audit evidence is kept and can be provided to auditors
Follow up on audit findings to ensure the proper corrective actions are taken
Conduct presentations on new policies and issues of non-compliance
May recruit, hire, train staff, evaluate employee performance, and recommend or initiate promotions, transfers, and disciplinary action
Ensure that AMC systems, networks, and operations adhere to federal cybersecurity regulations, including the Risk Management Framework (RMF) and other applicable standards
Collaborate with technical and operational teams to assess risk, enforce policy, and maintain a robust cybersecurity posture across the command
Oversee RMF compliance activities, including system categorization, control selection, implementation, assessment, and authorization
Conduct internal audits and assessments to ensure adherence to cybersecurity standards and identify areas for improvement
Coordinate with system owners and other stakeholders to ensure cybersecurity requirements are integrated throughout the system lifecycle
Monitor changes in federal cybersecurity regulations and update internal policies accordingly
Manage documentation for cybersecurity compliance
Provide guidance and training to staff on cybersecurity policy and compliance requirements
Serve as liaison with external auditors, DOD cybersecurity authorities, and other oversight bodies
Support incident response activities and ensure proper documentation and reporting of cybersecurity events
Maintain awareness of emerging threats, technologies, and best practices in cybersecurity governance
Other duties as assigned
Qualification
Required
Bachelor's degree in computer science, Engineering, Cyber Security or equivalent experience in lieu of degree
8+ years of experience in cybersecurity policy writing, compliance or risk management within a DoD or federal environment
5+ years of experience developing and implementing cybersecurity policies in a military or government setting
In depth knowledge of DoD cybersecurity frameworks, including RFM, NIST/NISPOM/DoDI 8500
Must have active certifications like CISSP, CISM. Equivalent certifications is acceptable
Must have active Top-Secret Clearance with SCI eligibility
Must have experience with eMASS
Strong understanding of federal cybersecurity regulations and the Privacy Act
Expertise in applying RMF across system lifecycles
Ability to write clear, actionable cybersecurity policies, procedures and guidance documents
Analytical and strong organizational skills, with excellent verbal and written ability
Good work ethic and active desire to learn
Skillful time management and organizational skills to set and meet deadlines
Ability to work both independently and within a team
Ability to work effectively in a team environment to encourage collaboration, innovation, and continuous improvement
Ability to meet minimum clearance requirements
Ability to work nights, weekends, and holidays as required
Ability to travel up to 10%
Benefits
Professional development plan
Well-being programs
Company
Chenega MIOS SBU
Chenega Corporation’s MIOS Strategic Business Unit (SBU) provides innovative solutions for federal, DOD, and commercial customers around the globe.
1001-5000 employees
Funding
Current Stage
Late StageLeadership Team
Chet Husk
Chief Technical Officer
Sarah Bruno, SHRM-CP
Human Resources Business Partner
Company data provided by crunchbase