Role Description Are you passionate about being on a team of highly skilled, motivated and dedicated professionals charged with protecting sensitive data while supporting the JHU/APL mission? Do you want to integrate cybersecurity and compliance within our enterprise, sector and department networks? Are you passionate about protecting our Nations sensitive information? If so, we’re looking for someone like you to join our team at APL. We are seeking an Assistant Group Supervisor (AGS) in Information Security Assurance (ISA) to partner with the Group Supervisor in leading a high performing organization of cybersecurity professionals. This role operates within a shared leadership model, where the AGS and Group Supervisor share responsibilities across the two primary pillars of the group; threat detection and compliance, ensuring seamless leadership coverage across both domains. This AGS role will focus primarily on the compliance pillar. As the ISA Assistant Group Supervisor, you will serve as a strategic and operational leader responsible for: - Shared Leadership Model - Partner closely with the Group Supervisor to align strategy, priorities, and execution across the ISA Group - Share responsibility for overall group performance, section leadership, and staff engagement - Provide full leadership coverage in the absence of the Group Supervisor and across all ISA functions as needed - Ensure seamless integration and coordination between all sections and responsibility pillars - Operations Leadership - Lead the maturation of ISA’s cybersecurity risk management and compliance program - Provide strategic oversight of the Laboratory's compliance posture with government regulations with a primary focus on CMMC and NIST SP 800-171 requirements - Collaborate with business areas and technical staff to support compliance assessments and serve as a key liaison with Certified Third-Party Assessment Organizations (C3PAOs) - Drive a risk-based, "how do we get to yes" approach that balances compliance requirements, operational needs, and practical risk management - Establish and maintain processes for risk identification, assessment, acceptance, and mitigation - Provide oversight for security assessments, audits, and continuous monitoring activities - Lead the Laboratory's CMMC assessment program, including oversight of C3PAO relationships and preparation for annual affirmations of compliance across the organization - Provide guidance on cybersecurity requirements contained in RFIs, RFPs, and contracts to ensure compliance obligations are clearly understood and appropriately addressed - Lead the buildout of posture monitoring, configuration management, and cloud compliance capabilities across ISA sections - Ensure continuous monitoring principles are operationalized and aligned with both compliance requirements and the broader threat detection and response - Lead the hiring and development of section leadership and staff as the sections mature - Organizational Leadership - Ensure Section Supervisors are effectively managing staff performance, development, and accountability within their respective security functions - Identify and develop high-potential staff and build leadership bench strength across the broader ISA Group - Ensure staff are provided meaningful opportunities for growth aligned with organizational needs - Provide expert guidance on complex risk decisions, including exception handling and compensating controls - Partner with threat detection and incident response leadership to maintain feedback loops between detection findings and control improvements - Leverage data and analytics to identify systemic risks, control gaps, and trends across the security program - Provide executive management awareness of the ongoing state of compliance across the enterprise Qualifications - Have a Bachelor's degree in Cybersecurity, Computer Science, Information Systems, a related field, or requisite experience - Have at least 7 years of experience in cybersecurity, with significant experience in governance, risk, and compliance - Have at least 5 years of experience leading and/or managing teams with demonstrated ability to exercise sound judgment and discretion - Have strong working knowledge of NIST SP 800-171 and applicable federal cybersecurity compliance frameworks - Demonstrate the ability to translate policy and regulatory requirements into actionable security practices - Have experience balancing mission needs with security and compliance requirements in complex environments - Have familiarity with cloud security architectures, identity-first security models, or modern data platforms - Have experience using data and metrics to drive risk-based decisions - Possess excellent interpersonal, written, and oral communication skills, with a proven ability to operate effectively at all levels of leadership - Are able to obtain a Secret security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship. Requirements - Have a Master's degree in Cybersecurity, Computer Science, Information Systems, a related field, or requisite experience, including significant cybersecurity leadership experience spanning both GRC and security operations - Have experience standing up or restructuring security operations functions, including defining mission scope and building teams - Have experience leading organizational transformation or modernization initiatives within a cybersecurity program - Have experience integrating security telemetry, behavioral analytics, or automated tooling into compliance or risk management workflows - Have experience implementing quantitative or risk-based decision frameworks - Hold relevant professional certifications (e.g., CISSP, CISM, CRISC) - Have an understanding of attack methodologies used by Nation State actors and the ATT&CK matrix to effectively assess risk Benefits - Generous benefits, including a robust education assistance program - Unparalleled retirement contributions - Healthy work/life balance - Comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development