Qureos

Compliance Manager, Mid (training)

Washington, United States

Position Summary

The Compliance Manager, Mid – Training supports the OIS Cybersecurity Services (CS) Division in enhancing OS privacy and security practices through effective training and awareness programs. This position is responsible for developing, implementing, and managing role-based and baseline training initiatives for OS stakeholders, ensuring compliance with federal cybersecurity policies, NIST RMF, FISMA, and OS-specific standards. The Compliance Manager ensures that training programs promote a culture of security, reinforce compliance objectives, and prepare OS staff to effectively manage cybersecurity risks.

Functional Responsibilities

OS Data Guardian Program Support

  • Manage and sustain the OS Data Guardian Program, a collaborative forum for security and privacy stakeholders across OS StaffDivs.
  • Facilitate sharing of best practices, information, and strategies to improve OS security posture.
  • Promote continuous engagement and collaboration among cybersecurity and privacy stakeholders to support OS cybersecurity goals.

Training Development & Delivery

  • Develop, maintain, and implement baseline and role-based cybersecurity training for SSPOs, System Owners (SOs), Business Owners (BOs), Project/Program Managers, and other OS stakeholders.
  • Follow Instructional Systems Design (ISD) principles to assess training needs, establish learning objectives, design curricula, and evaluate training effectiveness.
  • Customize SSPO training to address primary responsibilities, advanced skills, tool updates, and evolving cybersecurity threats.
  • Ensure that all training programs support operational duties, ongoing risk management, and compliance with OS and federal standards.
  • Develop specialized, advanced training and targeted sessions for super-users and stakeholder communities.

Training Compliance Management

  • Launch, monitor, and track training compliance across all OS StaffDivs, ensuring 100% participation in annual information security and privacy awareness programs.
  • Maintain real-time compliance tracking in preparation for FISMA and other federal reporting requirements.
  • Provide metrics and reports on training completion, compliance trends, and training effectiveness to senior leadership.

Stakeholder Engagement & Communication

  • Serve as a communication conduit, disseminating information and stimulating open dialogue regarding security, privacy, and compliance topics.
  • Educate OS stakeholders on the ATO process, ongoing authorization, and use of information security policies and tools.
  • Promote understanding of cybersecurity roles, responsibilities, and risk management practices across OS StaffDivs.

Continuous Improvement & Program Evaluation

  • Collect and analyze feedback to improve training programs, instructional methods, and training delivery.
  • Evaluate the effectiveness of training in supporting OS cybersecurity objectives and compliance requirements.
  • Ensure training programs evolve to address updates to tools, procedures, regulations, and emerging cybersecurity risks.

Required Qualifications

  • Minimum of 3–5 years of experience in compliance, cybersecurity, or training program management, preferably within federal or regulated environments.
  • Knowledge of federal cybersecurity policies, NIST RMF, FISMA, and OS-specific security standards.
  • Experience designing, implementing, and evaluating role-based and baseline training programs.
  • Strong organizational, analytical, and communication skills, with experience engaging stakeholders at multiple levels.
  • Ability to manage multiple projects, track compliance metrics, and report on training outcomes.

Education & Experience

  • Bachelor’s degree in Information Technology, Cybersecurity, Education, or a related field required.
  • Prior experience supporting cybersecurity or privacy awareness programs in federal or government contracting environments preferred.

Desired Certifications (Preferred)

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Information Privacy Professional (CIPP)
  • Instructional Design or Training-related certification (e.g., CPTM, ATD)
  • Project Management Professional (PMP)

Job Type: Full-time

Benefits:

  • 401(k)
  • 401(k) matching
  • Dental insurance
  • Health insurance
  • Health savings account
  • Paid time off
  • Vision insurance

Work Location: Hybrid remote in Washington, DC 20201
