IT Services & Compliance Manager

The IT Services and Compliance Manager is instrumental in advancing our organization's IT infrastructure resilience, overseeing IT service management, compliance adherence, and security. This role emphasizes migrating IT services, deploying and managing IT environments, establishing cloud development frameworks, and integrating IT compliance and security practices. This role will communicate frequently with the CTO and COO. 

Technology Capabilities and Experience:

This person will have experience and expertise with the following:

• Lead the transition of IT services to advanced environments, ensuring performance and minimal disruption, while establishing secure, scalable IT and cloud infrastructures.
• Manage IT service management strategies, focusing on service migration, deployment, and comprehensive asset management, including provisioning, tracking, and maintaining IT assets across the organization.
• Drive IT compliance, implementing and monitoring security controls, conducting risk assessments and audits, and integrating these measures to safeguard data integrity and system security.
• Facilitate collaboration across teams to embed compliance and security into daily operations, responding to audit findings and adapting to regulatory changes proactively.
• Utilize cloud technology expertise to develop and manage compliant, secure environments and platforms, ensuring they meet organizational needs and standards

Key Skill Sets:

• Strong background in IT service management, including planning, transitioning, and optimizing IT services and environments.
• In-depth understanding and hands-on experience with IT compliance frameworks, security controls, and risk management practices.
• Strong capability and drive to set up, audit, and maintain detailed documentation.
• Hands-on approach to IT solutions deployment
• Proficiency in cloud computing, with a focus on deploying secure and compliant cloud environments and services.
• Effective project management skills, capable of leading complex IT initiatives from concept to completion.
• Excellent communication abilities, able to articulate technical and compliance-related concepts to diverse audiences.

Requirements:

• 5+ years of practical experience in managing IT services within public sector or regulated environments, with a strong focus on service migration, deployment, and cloud environment establishment.
• Proven expertise in IT compliance, with hands-on experience in implementing and monitoring security controls.
• Advanced knowledge of cloud technologies, with experience in setting up and managing cloud enclaves and development environments.
• Up to date knowledge of Government regulations and standards (e.g. FedRAMP, NIST 800-218, NIS2, NIST 800-53, NIST 800-171, NIST CSF, CMMC)
• Expert knowledge in Cybersecurity / IT compliance assessment, System Security Plans (SSP), and Plans of Actions and Milestones (POAM) required.
• Ability to multitask and design and implement security controls and work with the larger business team to assess their effectiveness and fit for the business
• Ability to influence and communicate across the business required.
• Bachelor degree or equivalent domain experience required; specific qualifications on IT/Cybersecurity and IT Audit preferred.
• US Citizenship required.

Nice to have: 

• Strong project management skills
• Cloud or Full Stack development experience
• Expert knowledge of cloud security frameworks provided by major CSPs
• CISSP certification 

Additional Values We Care About:

• Team management experience
• Multidisciplinary team player 
• Ability to communicate clearly across teams
• Experience working with public sector customers 
• Local to our Ashburn, VA Headquarters a plus
• Excitement about working with and advancing new technologies

Other Requirements:

• This individual will contribute to programs associated or directly with the United States government. This role is required to be a US citizen.
• Must be local to the DMV area
• Must be available to travel into the office (Ashburn, VA) a minimum of one time per week
• Additional days per week on premises may be required depending on needs (client demonstrations, physical facility/data security functions and requirements, etc.)