Compliance Frameworks
Cyber Security Governance
Cyber Security Management
Own your opportunity to work alongside federal civilian agencies. Make an impact by providing services that help the government ensure the well-being and support of U.S. citizens.
The Security Director is the senior leader responsible for the governance, compliance, and overarching security posture of a Managed IT Security Operations contract. This role oversees adherence to regulatory frameworks, contractual requirements, and internal governance standards while ensuring the program’s security operations are executed with audit-readiness, risk awareness, and policy alignment at their core. The Security Director serves as the primary authority for cybersecurity compliance, governance controls, and enterprise-level security oversight.
Key Responsibilities:
• Lead the development, implementation, and enforcement of the contract’s cybersecurity governance framework, ensuring alignment with NIST, CIS, ISO, and all applicable regulatory requirements.
• Oversee all compliance activities, including evidence collection, control validation, audit preparation, and corrective action tracking.
• Ensure continuous compliance with federal, state, and industry standards, including data protection, privacy regulations, and customer-specific governance requirements.
• Establish and maintain policies, procedures, SOPs, and security documentation that support a consistent and mature governance posture.
• Serve as the primary liaison for compliance-related communication with customer stakeholders, auditors, and internal executives.
• Lead risk management initiatives, including risk assessments, gap analyses, plan of action and milestones (POA&M) management, and mitigation planning.
• Oversee the governance layer of SOC operations, ensuring operational practices meet internal and external compliance obligations.
• Direct enterprise reporting activities, including compliance dashboards, governance metrics, and executive summaries reflecting organizational security posture.
• Monitor changes in regulatory requirements and ensure the program is proactively positioned to meet evolving compliance expectations.
• Collaborate with security engineering, SOC leadership, and program management to ensure all operational decisions integrate governance and risk considerations.
• Support security architecture reviews and ensure technology decisions adhere to approved security baselines and compliance frameworks.
• Lead or support incident response governance, including breach notification processes, documentation standards, and compliance-related reporting.
Required Qualifications:
• Bachelor’s degree in Cybersecurity, Information Assurance, Compliance, or related field (or equivalent work experience).
• 10+ years of cybersecurity or compliance leadership experience, preferably within MSS/MSP or security operations environments.
• Deep knowledge of governance and compliance frameworks (NIST RMF and CSF, ISO 27001, CIS Controls, FedRAMP, PCI-DSS, HIPAA, etc.).
• Proven experience preparing for and supporting internal and external audits.
• Demonstrated ability to build and manage governance programs in complex, multi‑platform IT environments.
• Expertise in risk management, policy development, and compliance reporting.
• Relevant certifications such as CISSP, CISM, CISA, CGEIT, CRISC, or similar.
Preferred Qualifications:
• Experience supporting government contracts or highly regulated industries.
• Familiarity with cloud governance programs across AWS, Azure, and GCP.
• Experience with Zero Trust governance models.
• Additional certifications in audit, governance, or cloud security.
Key Competencies:
• Compliance and governance leadership
• Policy and procedure development
• Exceptional documentation and audit readiness
• Strategic risk management
• Strong communication and stakeholder alignment
• Analytical decision-making
Additional Information:
Location: Austin, TX. Expect to be in the office 2-5 days a week.
Timeline: This is a contingent role, expected to start between December 2026 and March of 2027.
GDIT IS YOUR PLACE:
Full-flex work week to own your priorities at work and at home
401K with company match
Comprehensive health and wellness packages
Internal mobility team dedicated to helping you own your career
Professional growth opportunities including paid education and certifications
Cutting-edge technology you can learn from
Rest and recharge with paid vacation and holidays
10+ years of related experience
* may vary based on technical training, certification(s), or degree
Relevant certifications such as CISSP, CISM, CISA, CGEIT, CRISC, or similar - Any
Less than 10%
The likely salary range for this position is $147,292 - $199,278. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
We are GDIT. A global technology and professional services company that delivers technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across over 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, cloud, cyber and application development. Together with our customers, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans