itD is seeking a Security Governance, Risk, and Compliance (GRC) Program Manager (Compliance Specialist V) to lead strategic security risk initiatives and provide second-line oversight of enterprise risk and compliance programs. This role is critical in shaping organizational security posture, ensuring alignment with global regulatory requirements, and enabling scalable, secure business operations across diverse business units. The ideal candidate will bring deep expertise in cybersecurity and GRC frameworks, along with a proven track record of delivering enterprise risk programs, automated control frameworks, and cross-functional security initiatives. Location: Remote (U.S.-based) Duration: 6 Months We provide comprehensive medical benefits, a 401k plan, paid holidays, and more. Please note that we are only considering direct W2 candidates at this time, as we are unable to offer sponsorship. Responsibilities - Lead and execute strategic risk initiatives within the Security GRC program to strengthen enterprise security posture - Identify, assess, and resolve complex cybersecurity and compliance risks across multiple business units - Develop, implement, and automate security controls aligned with industry GRC standards - Collaborate cross-functionally with Security, Product, Engineering, and Legal teams to ensure regulatory alignment and risk mitigation - Influence senior stakeholders and drive adoption of best practices in risk management and compliance - Establish frameworks and governance processes that support scalable and secure business operations - Drive thought leadership and continuous improvement in security risk management practices Internal Responsibilities - Attend regular internal practice community meetings - Collaborate with your itD practice team on industry thought leadership - Complete client case studies and learning material (blogs, media material) - Build out material to contribute to the Digital Transformation practice - Attend internal itD networking events (in person and virtual) - Work with leadership on career fast-track opportunities Required Qualifications and Skills - 10+ years of experience in cybersecurity, risk management, or GRC programs - Deep knowledge of cybersecurity and Governance, Risk, and Compliance (GRC) frameworks - Experience building and implementing security controls and automation - Proven ability to lead strategic initiatives and influence cross-functional stakeholders - Strong experience in risk assessment, compliance, and internal governance processes Preferred Qualifications and Skills - Experience with regulatory compliance across global environments - Background in program management within large technology organizations - Prior experience with leading tech companies or Big 4 consulting firms - Strong internal networking, stakeholder engagement, and advocacy skills Education - Bachelor’s degree in a relevant field or equivalent work experience required Company Description About itD: We are part of a new generation of consulting and software development company that blends diversity, innovation, and integrity with real business results. Our structure rejects any strong hierarchy, empowering us to deliver excellent results. We are a woman- and minority-led firm. Every day, we challenge ourselves to be considerate, fair and to re-think what great outcomes mean for our customers. This permeates down to how we approach every interaction, on every project, for every client. You’ll thrive here if you are a dynamic self-starter, a difference-maker or someone who wants to deliver great results, without constraints. The itD Digital Experience: Joining us means you’ll be part of our global community, you have a say about your own career journey, and you’ll get a chance to give back to causes that matter. You will experience working with Fortune 500 companies and high-performance teams across numerous industries. itD offers our employees excellent benefits such as medical, dental, vision, life insurance, paid holidays, 401K + matching, networking & career learning and development programs. We are growing and we want to see you grow! Visit https://itdtech.com/careers to learn more about what working at itD can mean for you. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. itD is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or to perform the essential functions of a position, please contact us at recruiting@itdtech.com and let us know the nature of your request and your contact information. Additional Info Dynamic environment in a culture of respect, empowerment and recognition for a job well done, apply today!

• Stand up and lead a lean, highly efficient, and automation-driven Security and Threat Operations team, including hiring, coaching, and career development of analysts and engineers. • Establish operating rhythms (standups, metrics reviews, post-incident retrospectives) and standard operating procedures for response, containment, eradication, and recovery. • Build and maintain a Security and Threat Operations strategy in coordination with the CISO and other stakeholders, including software engineering, data engineering, and IT. • Develop and report on KPIs and KRIs for the Security and Threat Operations function. • Align SecOps processes to FFIEC/GLBA expectations and industry frameworks (NIST CSF and Cyber Risk Institute Profile). • Prepare evidence for audits/exams; provide clear, actionable metrics and board-level reporting on SOC performance, incident trends, control coverage, and risk reduction. • Partner with Legal, Compliance, Privacy, and Third-Party Risk on obligations and notifications. • Coach analysts on analytical rigor, bias reduction, and structured investigations. • Promote a blameless, learning-oriented culture that prizes speed, accuracy, and craftsmanship. • Own SIEM/SOAR strategy and daily operations; drive log onboarding, normalization, and high-fidelity detections across the entire technology landscape. • Serve as incident response commander for high-severity incidents; coordinate cross-functional responders in Infrastructure, IT, Engineering, Legal, and Compliance. • Build, maintain, and continuously improve standard operating procedures (SOPs), runbooks, and playbooks. • Maintain and exercise incident response plans through tabletop and similar activities. • Maturity evidence handling, forensics workflows, and case management; ensure accurate timelines and regulator-ready documentation. • Drive post-incident reviews with measurable corrective actions (people/process/technology) and executive readouts. • Own the vulnerability management lifecycle, ensuring coverage of vulnerability discovery, triage, and management across servers, endpoints, network, cloud subscriptions, containers/images, and custom APIs.

• Act as a subject matter expert for GCP cloud security • Design, configure, and optimize Google Security Command Center (SCC) • Monitor and investigate security events using GCP audit logs • Identify misconfigurations and data exfiltration risks • Correlate findings with CNAPP, endpoint, and SIEM data sources • Identify attack paths across complex GCP environments • Assist with the development of automated response playbooks • Lead cloud-native incident response activities • Perform cloud forensics to analyze identity activity • Produce investigation reports and post-incident recommendations • Provide architectural guidance on secure GCP design • Partner with engineering teams to embed security controls

Role Description Tyto Athene is searching for a Security Operations Center (SOC) Team Lead for an exciting opportunity that combines project management and customer success roles. - Team Lead for a SOC team including watch floor analysts, engineers, threat hunters, incident responders, and cyber threat analysts. - Provide guidance and direction to the SOC team to ensure execution and delivery of team tasks, requirements, and projects. - Lead customer onboarding to include developing schedules, tracking deliverables, creating slide decks, briefing the customer, and guiding customers through the onboarding process. - Build and maintain strong relationships with customers, acting as the primary point of contact for the customers. - Answer customer requests, schedule customer meetings, coordinate any engineering work or responses needed, and organize and deliver any necessary documentation to customers. - Perform weekly and monthly reviews and ensure communication plans and vital customer information is updated. - Work with the SOC team to develop and deliver an annual customer health check for each customer. - Serve as the liaison and advocate for the customer with the SOC team. - Work with customers and the SOC team to create success plans tailored to customer specific goals and objectives, monitoring progress towards achieving desired outcomes. - Collect onboarding and annual health check feedback from each customer. - Organize, schedule, and finalize any lessons learned as required by the SOC. - Develop new and innovative ideas to enhance customer service and customer value. - Track and monitor all SOC team projects progress and performance to include running daily engineering standups. - Work with the SOC team on customer case issues, updates, and overall quality. - Interface with client’s senior management personnel, including briefings up to CIO/CISO level. - Leverage industry knowledge, best practices, lessons learned and stakeholder feedback to develop, implement and continuously improve all services offered under the SOC. - Guide and mentor team members. - Work closely with the SOC Manager to function as the single point of coordination and accountability, ensuring that all technical work, communications, and decision-making remain aligned, timely, and defensible. - Maintain awareness of emerging cyber threats and vulnerabilities. - Lead the development and distribution of threat summaries, vulnerabilities notices, and flash threat emails. - Create and distribute vulnerability reports as needed. - Must have the ability to work in a dynamic environment and flexibly adapt to changing conditions. - Must have a high degree of originality, creativity, and initiative requiring minimal supervision. Qualifications - Bachelor's degree (or an additional 4 years of related experience). - Minimum three (3) years of experience managing projects. - Strong leadership, written and verbal communication, and analytic and problem-solving skills. - Knowledge of SOC operations. Requirements - Experience interfacing with and managing customers. - Active program management certification (e.g., PMP). - Active advanced cybersecurity certification (e.g., CISSP). - Agile experience and certifications are a plus. - Other relevant IT certifications are a plus. - Public Trust/Criminal Background clearance. Benefits - Health/Dental/Vision. - 401(k) match. - Paid Time Off. - STD/LTD/Life Insurance. - Referral Bonuses. - Professional development reimbursement. - Parental leave. Company Description Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains—Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT—empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly supports Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide. At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?