Cybersecurity Policy & Compliance Manager
Listed on 2026-01-27
IT/Tech
Cybersecurity, Information Security
Overview
Huntsville, Alabama. Chenega Military, Intelligence & Operations Support (MIOS) is seeking a Cybersecurity Policy & Compliance Manager to lead the development, implementation, and maintenance of cybersecurity policies and compliance programs aligned with Department of Defense (DoD), Army, and NIST requirements. Chronos Operations (CO) is a wholly-owned subsidiary of Chenega Corporation, an Alaska Native Corporation based in Anchorage, AK. Chronos provides mission-critical services in Advanced Analytics & AI, Software Engineering, Cybersecurity, Information Technology, and Intelligence.
This role offers opportunities to support large-scale government operations by leveraging cutting-edge technology and ongoing professional development within our culture of integrity, respect, and exceptional performance.
Req: 39051
Responsibilities
- Lead and manage the development, review, maintenance, and enforcement of cybersecurity policies and procedures in accordance with DoD, Army, and NIST source requirements. Create and oversee external policies, guidance, and SOPs to support the command's cybersecurity program through an established policy development framework.
- Provide Communication Security governance and compliance reporting to maintain security of encapsulation and encryption devices.
- Develop a Knowledge Management Plan to capture data and provide business intelligence and data analysis related to COMSEC functions.
- Provide exercise support to validate the security of systems accredited by the Authorizing Official and/or Privacy Official.
- Develop additional technical and managerial cybersecurity training plans, guides and materials to enable workforce knowledge and compliance.
- Map requirements into workflows, tracking tools and milestone events (e.g., ATO packages, CONMON cycles, system upgrades).
- Work closely with Government stakeholders including ISSMs, AODRs, system owners, and command leadership to validate interpretations, prioritize actions, and maintain alignment with mission.
- Present vulnerability assessment results, control validation findings and mission impact analyses.
- Deliver after-action reports from control validation, including prioritized POA&M recommendations.
- Identify workforce skill gaps and propose targeted training aligned with DoD 8140 NIST NICE categories as needed.
- Manage and supervise staff, evaluate employee performance, and recommend or initiate promotions, transfers, and disciplinary action.
- Review IT documentation to ensure it meets company standards and regulatory requirements.
- Evaluate IT process deficiencies and recommend new controls to fix issues.
- Analyze new processes to ensure they are properly implemented.
- Maintain company documentation as changes need to be made and maintain knowledge of applicable regulations to ensure ongoing compliance.
- Ensure audit evidence is kept and can be provided to auditors; follow up on audit findings to ensure corrective actions are taken.
- Conduct presentations on new policies and issues of non-compliance.
- May recruit, hire, train staff, evaluate employee performance, and initiate promotions, transfers, and disciplinary action.
- Ensure that AMC systems, networks, and operations adhere to federal cybersecurity regulations, including the RMF and other applicable standards.
- Collaborate with technical and operational teams to assess risk, enforce policy, and maintain a robust cybersecurity posture across the command.
- Oversee RMF compliance activities, including system categorization, control selection, implementation, assessment, and authorization.
- Conduct internal audits and assessments to ensure adherence to cybersecurity standards and identify areas for improvement.
- Coordinate with system owners and other stakeholders to ensure cybersecurity requirements are integrated throughout the system lifecycle.
- Monitor changes in federal cybersecurity regulations and update internal policies accordingly.
- Provide guidance and training to staff on cybersecurity policy and compliance requirements.
- Serve as liaison with external auditors, DoD cybersecurity authorities, and other oversight bodies.
- Support incident response activities and ensure proper documentation and reporting of cybersecurity events.
- Maintain awareness of emerging threats, technologies, and best practices in cybersecurity governance.
- Other duties as assigned.
- Bachelor's degree in computer science, engineering, cybersecurity or equivalent experience in lieu of degree.
- 8+ years of experience in cybersecurity policy writing, compliance or risk management within a DoD or federal environment.
- 5+ years of experience developing and implementing cybersecurity policies in a military or government setting.
- In-depth knowledge of DoD cybersecurity frameworks, including RMF, NIST/NISPOM/DoDI 8500.
- Active certifications such as CISSP, CISM; equivalent certifications acceptable.
- Active Top-Secret Clearance with SCI eligibility.
Skills and Abilities
- Experience with eMASS.
- Strong understanding of federal…