Assessment & Authorization (A&A)
CISSP
Cyber Security Governance
Governance Risk Compliance (GRC)
NIST 800-53
Own your opportunity to work alongside federal civilian agencies. Make an impact by providing services that help the government ensure the well-being and support of U.S. citizens.
Technical Lead Cybersecurity Operations
Advance your career while impacting security of our hosting environment as a Governance, Risk & Compliance (GRC) Lead at GDIT. Here, technologists have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.
MEANINGFUL WORK AND PERSONAL IMPACT
As the Governance, Risk & Compliance (GRC) Lead, the work you’ll do at GDIT will be impactful to the mission of the customer. The GRC Lead oversees all GRC-related functions supporting NCI’s cybersecurity governance framework, ensuring consistent implementation of policies, processes, and enterprise-wide compliance efforts. This position leads teams that design, document, automate, and enhance governance workflows, system inventories, common controls, policy frameworks, and enterprise risk processes. The role mirrors senior GRC leadership positions at large federal contractors.
Bring your program management expertise along with a drive for innovation to GDIT.
Responsibilities
Lead NCI’s enterprise cybersecurity governance program, ensuring alignment with NIH, HHS, FISMA, and NIST RMF requirements.
Develop and maintain cybersecurity policies, SOPs, standards, templates, and procedural documentation.
Oversee FISMA system inventory accuracy and integration with ServiceNow CMDB modules.
Lead the development and optimization of GRC automation tools, including ServiceNow modules (e.g., FAST, eGRC integrations).
Provide expert consulting to system owners, development teams, and stakeholders on governance practices, risk mitigation, and compliance requirements.
Support security audits, internal assessments, OIG/GAO readiness, and CAP tracking.
Lead common controls program activities including documentation, tailoring, assessment, and inheritance guidance.
Analyze enterprise risks, identify trends, and prepare reports and dashboards for leadership decision-making.
Qualifications
Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field
Experience: 5+ years leading cybersecurity governance programs for federal agencies.
Certification: Possess at least one of the following: CISSP, CISM, CRISC, CISA, GSLC
Security clearance level: the ability to obtain a Public Trust
Skills
Experience applying NIST risk assessment methodologies.
Experience managing cybersecurity teams and prioritizing workloads and risks.
Experience with eGRC tools (JCAM, Archer, or equivalent).
ITIL Foundations certification (or ability to obtain within 3 months).
Demonstrated experience developing A&A and governance streamlining processes.
Experience with ServiceNow GRC, CMDB, or custom workflow development.
Experience supporting federal research or health-science organizations.
Familiarity with OSCAL, control inheritance models, and continuous monitoring frameworks.
Policy development and governance strategy
Risk analysis & risk communication
Process design and automation leadership
Strong written communication and documentation skills
Cross-team collaboration and change management
GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.
Growth: AI-powered career tool that identifies career steps and learning opportunities
Support: An internal mobility team focused on helping you achieve your career goals
Rewards: Full benefits, wellness programs, 401K matching, competitive salary, and paid time off.
Community: Award-winning culture of innovation and a military-friendly workplace
OWN YOUR OPPORTUNITY
Explore a career in program management at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your passion for the mission and delivering results.
10+ years of related experience
* may vary based on technical training, certification(s), or degree
Certified Information Systems Security Professional (CISSP) | International Information System Security Certification Consortium (ISC2)
ITIL v3 Foundation | PeopleCert
The likely salary range for this position is $142,792 - $184,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during virtual interviews. We reserve the right to take your picture to verify your identity and prevent fraud. By proceeding, you authorize the collection, processing, and use of your biometric data for identity verification and security purposes.
We are GDIT. A global technology and professional services company that delivers technology solutions and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50+ countries worldwide, offering leading mission-ready capabilities in AI, cloud, cyber and software development.
Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans