CDW · 11 hours ago
Manager - GRC - Contract-to-Perm
CDW is a collaborative company focused on delivering for their customers. They are seeking a strong, hands-on leader to manage the Government Security Governance & Compliance Program within the Global Information Security organization, overseeing the implementation of NIST SP 800-171 and CMMC requirements.
Responsibilities
Lead the Government Compliance Program for NIST SP 800-171 and CMMC Level 2, ensuring ongoing governance, monitoring, assessment, and sustainment across all in-scope systems and processes
Maintain the compliance framework, including policies, control requirements, procedures, and documentation
Manage control execution and readiness, overseeing continuous monitoring, reassessments, and preparation for internal and external assessments
Own core compliance documentation, including the System Security Plan (SSP), system diagrams, asset inventory, boundary definitions, and CUI data flows; ensure these remain accurate and audit-ready
Oversee Operational Plans of Action (OPA), including creation, tracking, and remediation validation
Evaluate technical, architectural, and procedural changes for compliance impact and ensure updates are incorporated into program materials
Lead assessment activities, including evidence collection, stakeholder preparation, interviews, sampling, and engagement with external assessors
Ensure accurate SPRS scoring, documentation, and required submissions
Deliver executive-level reporting, including compliance status, metrics, dashboards, and risk summaries that support leadership decisions
Oversee Government-related third-party risk, including subcontractor and cloud provider assessments, DFARS flow-down verification, FedRAMP inheritance alignment, and lifecycle vendor oversight
Review Government contracts and RFPs to identify obligations, assess feasibility, and ensure security requirements are met before commitment
Respond to customer questionnaires and audit inquiries with accurate, authoritative compliance information
Identify risks and deficiencies, recommend mitigation strategies, and drive corrective actions with system owners
Manage and mentor the compliance team, promoting accuracy, accountability, and continuous improvement
Stay current on regulatory changes, CMMC updates, NIST revisions, DoD guidance, CUI expectations, and SPRS methodology updates; advise leadership on impacts and enhancements
Support overall Security Risk Management processes and perform other assigned tasks that contribute to team success
Qualifications
Required
Bachelor's degree with 7 years of experience in security risk management, audit, compliance, or related roles, to include 3 years of hands-on experience with CMMC Level 2, NIST SP 800-171, or similar frameworks and 1 year of leadership experience
11 years of total Information Technology experience, including 7 years of experience in security risk management, audit, compliance, or related roles, to include 3 years of hands-on experience with CMMC Level 2, NIST SP 800-171, or similar frameworks and 1 year of leadership experience
Demonstrated experience managing and supporting customer or stakeholder engagements
Hands‑on experience with assessments and audits, including scoping, control mapping, and evidence collection
Strong proficiency in information security principles and practices
Excellent written and verbal communication skills, with the ability to present, influence, and negotiate effectively
Ability to translate technical security requirements into clear, business‑focused language for diverse audiences
Strong analytical and problem‑solving skills, with meticulous attention to detail and accuracy
Ability to work independently and collaboratively in a fast‑paced, dynamic environment
Proven ability to manage multiple priorities and deliver high‑quality results within deadlines
Demonstrated leadership skills, including the ability to mentor others and foster a positive, collaborative team culture
Knowledge of NIST SP 800-171, NIST SP 800-53, CMMC, SOX, Secure Controls Framework and other security standards and frameworks
Familiarity with FAR, DFARS, and SPRS is a plus
Certifications such as CMMC Certified Assessor (CCA), CMMC Certified Professional (CCP), CISSP, CISA, CISM, or CRISC are a plus
Company
CDW
At CDW, we know how to make technology work so people can do great things.
Funding
Current Stage
Public Company
Total Funding
$58.74M
2015-08-01 · Post IPO Equity · $58.74M
2013-06-27 · IPO
2008-07-31 · Series Unknown
Company data provided by crunchbase