We are GDIT. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that’s important.
GDIT is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day.
We think. We act. We deliver. There is no challenge we can’t turn into opportunity. And our work depends on a Manager, IT Governance joining our team.
The Manager, IT Governance is responsible for leading and executing GDIT’s CMMC, Sarbanes-Oxley IT and other regulatory compliance processes. This position will report directly to the Director, IT Risk Management & Compliance and work closely with General Dynamics internal audit, the external audit firm, and key process/control owners across the organization to maintain effective, cost-efficient and consistent IT control processes across multiple regulatory requirements.
Specific responsibilities include:
Provide leadership and guidance for IT internal control requirements and compliance, privacy controls, and required cyber control frameworks
Support the execution of key CMMC and ISO 27001 initiatives such as internal cyber control maturity posture, corporate-wide CMMC education and training, working with Supply Chain Management on supplier outreach and governance, and managing the ISO 27001 certification process
Support the execution of management’s SOX IT risk assessment, system implementation and scoping activities to ensure proper risk identification, process mapping and controls linkage for a sustainable IT internal control framework
Support internal privacy and cyber security regulatory compliance programs and processes
Partner with internal and external auditors to plan IT control phased assessments to include testing plan development and stakeholder communication
Collaborate with key process owners and business partners to facilitate test of design and operating effectiveness of IT internal controls over financial reporting
Prepare and present updates to senior IT leadership, including IT control deficiencies and remediation plans
Manage IT remediation plans through completion
Perform ad-hoc special projects, as deemed necessary
Bachelor's degree in a related discipline plus 5+ years of relevant experience; OR the equivalent combination of education, relevant work experience, and training.
Experience in IT internal controls testing, SOX documentation, and compliance audits
Previous experience leading and managing IT audits at a Big 4 accounting firm or consulting firm
Experience in cyber security and privacy regulatory controls frameworks (such as CMMC, ISO 27001, NIST 800-53, NIST Risk Management Framework, or General Data Protection Regulation)
Strong knowledge of Sarbanes-Oxley, IT general controls, audit methodologies and IT compliance issues
Strong data analysis experience and skills; must be able to dive deep into data, call out trends, and make recommendations to influence results
Proven ability to independently evaluate controls over IT processes
Able to assert own ideas and actively demonstrate influencing skills to persuade others at all levels in the company
Excellent written and verbal communication skills; must be able to succinctly and accurately articulate information and data
Experience in defense contract industry highly preferred
Possess related professional certifications such as CISSP, CISM and/or CISA
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.