
Lead Cybersecurity Compliance SME

Gunnison Consulting Group
Full-time
On-site
Washington, District of Columbia, United States

Work Location: Hybrid/Washington, DC.


We are seeking a motivated and customer-oriented cybersecurity professional to support our Department of State client. The candidate will support maturation of the customer's cybersecurity program to enact cyber policy, roles, operations, and compliance.


Duties and responsibilities include:



  • Drive the development and implementation of comprehensive cybersecurity policies tailored for a software development environment. Interpret the current security framework series to ensure alignment and address specific needs of our organization.

  • Serve as the subject matter expert on cybersecurity compliance standards, regulations, and best practices for US government contracting. Proactively monitor for changes and updates.

  • Conduct thorough risk assessments, identify potential vulnerabilities, and recommend proactive mitigation strategies to safeguard our software development processes.

  • Collaborate with stakeholders to develop and deliver effective cyber role-based training programs (SO, ISSO, ISSM, etc.), promoting security awareness throughout the organization.

  • Design and execute compliance audits to evaluate adherence to cybersecurity policies, standards, and regulations. Identify gaps and drive corrective actions.


Required Qualifications:



  • Minimum of a Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or a related field. Equivalent experience in these areas will be considered in lieu of a degree.

  • Minimum of 8 years of experience in cyber compliance, with a significant portion focused on US government contracting and software development environments.

  • Government Standards Expertise: Comprehensive and up-to-date knowledge of US government cybersecurity regulations and standards (NIST, FISMA, FedRAMP, DFARS, etc.).

  • Auditing Skills: Proven experience in conducting security audits and assessments within government compliance frameworks.

  • Analytical Mindset: Exceptional analytical skills for interpreting complex requirements and translating them into actionable compliance strategies.

  • Excellent Communication: Clearly articulate security risks, compliance requirements, and best practices to both technical and non-technical stakeholders.

  • Continuous Improvement Focus: A demonstrated drive for identifying areas of improvement and streamlining compliance processes within a dynamic software development environment.


Desired Qualifications:



  • Certifications: CISSP, CISM, or other highly regarded cybersecurity certifications are strongly preferred.

  • In-depth knowledge of Department of State FAM/FAH to seamlessly integrate compliance requirements into our software development workflows and documentation.


Clearance Requirement: Active Secret clearance.




Why Join Gunnison?



  • Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.

  • Quality is our top priority.

  • Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.

  • There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow.

  • We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.

  • We hire for careers at Gunnison, not to fill a position.


Employee Benefits


Gunnison employee benefits meet or beat other companies in the Washington, D.C. metropolitan area, including:



  • Bonuses AND profit-sharing

  • 401k Matching

  • Certifications and training allowance $2,500/year

  • 3 weeks of personal leave your first year (160 hours can roll over every year)

  • 5 days of Flex-Time-Off per year


Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.


In 1994 Gunnison Consulting Group began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects. By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could, the company has thrived for over 25 years.