ZipRecruiter

Log In

1

Cyber Security Governance Jobs (NOW HIRING)

ICF International, Inc.

Manager, Cyber Security

Reston, VA · On-site

$115K - $156K/yr

Lead cybersecurity governance and RMF coordination across a complex federal technology services environment. * Develop, maintain, and coordinate cybersecurity assessment documentation, including FIPS ...

SAIC

Deputy Cybersecurity Governance Lead

Washington, DC · Hybrid

$131K/yr

The Deputy Cybersecurity Governance Lead provides deep technical and operational oversight for teams responsible for system security, assessment and authorization, continuous monitoring, and risk ...

Cardinal Health

$106K - $142K/yr

Job Summary The Vice President - Cybersecurity Governance, Risk & Compliance is a senior executive responsible for establishing, leading, and evolving the enterprise-wide cybersecurity governance ...

SAIC

Deputy Cybersecurity Governance Lead

Washington, DC · Hybrid

$131K/yr

The Deputy Cybersecurity Governance Lead provides deep technical and operational oversight for teams responsible for system security, assessment and authorization, continuous monitoring, and risk ...

SAIC

Deputy Cybersecurity Governance Lead

Washington, DC · On-site

$131K/yr

The Deputy Cybersecurity Governance Lead provides deep technical and operational oversight for teams responsible for system security, assessment and authorization, continuous monitoring, and risk ...

next page

Showing results 1-20

All JobsCyber Security Governance Jobs

Cyber Security Governance information

See salary details

$57K

$133K

$186K

How much do cyber security governance jobs pay per year?

As of Jun 16, 2026, the average yearly pay for cyber security governance in the United States is $132,962.00, according to ZipRecruiter salary data. Most workers in this role earn between $111,000.00 and $150,000.00 per year, depending on experience, location, and employer.

What does a cybersecurity governance specialist do?

A cybersecurity governance specialist develops and implements policies, standards, and procedures to ensure an organization’s cybersecurity aligns with legal and regulatory requirements. They oversee risk management, compliance, and security frameworks, often using tools like risk assessments and audits to protect information assets and support organizational security strategies.

Can you make $500,000 a year in cyber security?

Cyber security governance roles, such as Chief Information Security Officer (CISO) or senior security executives, can reach or exceed $500,000 annually with extensive experience, certifications like CISSP, and leadership responsibilities. Most entry- and mid-level cyber security positions typically offer lower salaries, but senior roles in large organizations or with specialized skills can achieve high compensation.

What are the key skills and qualifications needed to thrive in the Cyber Security Governance position, and why are they important?

To thrive in Cyber Security Governance, you need a solid understanding of information security frameworks, risk management, compliance regulations, and policy development, typically backed by a degree in cybersecurity, information technology, or a related field. Experience with GRC (Governance, Risk, and Compliance) tools, and certifications such as CISSP, CISM, or ISO 27001 Lead Implementer are highly valued. Strong communication, analytical thinking, and problem-solving abilities help professionals effectively navigate complex organizational landscapes and drive stakeholder engagement. These skills are vital to ensure organizations not only comply with regulatory standards but also proactively manage information security risks.

What are the key responsibilities of a Cyber Security Governance professional on a daily basis?

As a Cyber Security Governance professional, your daily responsibilities typically involve developing and updating security policies, conducting risk assessments, and ensuring compliance with regulatory frameworks. You may work closely with IT, legal, and management teams to align security strategies with business objectives and to communicate security requirements across the organization. Reviewing audit findings, monitoring for policy violations, and leading awareness training sessions are also common tasks. This role requires a proactive approach to managing evolving security risks and supporting a culture of continuous improvement in information security.

What is the role of governance in cyber security?

In cyber security governance, the Cyber Security Governance professional establishes policies, standards, and procedures to ensure an organization’s security objectives are met. They oversee compliance, risk management, and strategic alignment of security initiatives, often working with frameworks like ISO 27001 or NIST. Effective governance helps organizations manage security risks and maintain regulatory compliance.

What is a Cyber Security Governance job?

A Cyber Security Governance job focuses on establishing and enforcing security policies, frameworks, and compliance requirements to protect an organization's data and systems. Professionals in this role ensure that security practices align with business objectives, industry regulations, and risk management strategies. They collaborate with stakeholders to develop governance structures, assess security risks, and enforce accountability across teams. Their work helps organizations maintain compliance with standards like ISO 27001, NIST, and GDPR. Effective governance improves overall cybersecurity posture while ensuring regulatory adherence.

Is SOC an entry level job?

A Security Operations Center (SOC) analyst role is typically not entry-level and usually requires some experience in cybersecurity, network monitoring, or related fields. Entry-level positions may be labeled as SOC analyst I or junior SOC analyst, but higher-level roles often demand certifications like CompTIA Security+ or CISSP and familiarity with security tools such as SIEM systems. Advancing in SOC roles generally involves gaining hands-on experience and technical skills.
More about Cyber Security Governance jobs
What cities are hiring for Cyber Security Governance jobs? Cities with the most Cyber Security Governance job openings:
What are the most commonly searched types of Cyber Security Governance jobs? The most popular types of Cyber Security Governance jobs are:
What states have the most Cyber Security Governance jobs? States with the most job openings for Cyber Security Governance jobs include:
What job categories do people searching Cyber Security Governance jobs look for? The top searched job categories for Cyber Security Governance jobs are:
Cyber Security Governance jobs near you
Infographic showing various Cyber Security Governance job openings in the United States as of June 2026, with employment types broken down into 97% Full Time, and 3% Contract. Highlights an 81% Physical, 8% Hybrid, and 11% Remote job distribution, with an average salary of $132,962 per year, or $63.9 per hour.
Manager, Cyber Security

Manager, Cyber Security

ICF International, Inc.

Reston, VA • On-site

$115K - $156K/yr

Full-time

Posted 28 days ago

Job description

This role is contingent upon a contract award.
ICF is seeking an experienced Cybersecurity Manager to lead cybersecurity governance, risk management, compliance coordination, and security integration for a complex federal technology services program. This role will be responsible for ensuring cybersecurity requirements are addressed across systems, applications, integrations, cloud services, product delivery, and operational support functions.
The ideal candidate has demonstrated experience supporting federal cybersecurity programs that require RMF alignment, assessment documentation, POA&M management, contingency planning, vulnerability coordination, cybersecurity reporting, and integration with engineering and product delivery teams. This role requires strong knowledge of federal cybersecurity requirements, practical risk management judgment, and the ability to coordinate across technical, program, operations, assessor, and client stakeholder groups.
Job Location: This position is remote within the United States.
Please note that ICF monitors employee work locations, restricts access from foreign locations and IP addresses, and prohibits the use of personal VPN connections.
What You'll Be Doing
  • Lead cybersecurity governance and RMF coordination across a complex federal technology services environment.
  • Develop, maintain, and coordinate cybersecurity assessment documentation, including FIPS 199 analyses, E-Authentication Risk Assessments, security control implementation statements, and supporting control artifacts.
  • Support system teams, product teams, security assessors, and client stakeholders in preparing and maintaining cybersecurity evidence and compliance documentation.
  • Evaluate cybersecurity risks associated with new capabilities, including applications, integrations, plug-ins, software tools, system connections, and platform changes.
  • Track system security deficiencies, remediation activities, and Plans of Action and Milestones through closure.
  • Lead or support development, maintenance, and testing of contingency plans for systems and services within program scope.
  • Develop and maintain cybersecurity governance standard operating procedures, workflows, templates, and reporting mechanisms.
  • Coordinate cybersecurity inputs into engineering, product delivery, architecture, DevSecOps, cloud, data, and service operations activities.
  • Support vulnerability management, incident response coordination, risk reviews, control evidence collection, and security-related data calls.
  • Partner with service operations, identity, device, network, platform, and application teams to ensure cybersecurity responsibilities are clear and evidence is maintained.
  • Monitor cybersecurity risks, issues, dependencies, and compliance gaps, and escalate items requiring leadership attention.
  • Translate cybersecurity requirements and risks into practical guidance for technical teams, program leadership, and client stakeholders.

What You Must Have
  • Bachelor's Degree
  • U.S. Citizenship required due to federal contract requirements.
  • Must be able to obtain and maintain a Federal Public Trust clearance.
  • 10+ years of experience supporting cybersecurity, information assurance, security governance, risk management, compliance, or RMF activities in federal or regulated environments.
  • Active CISSP, CISM, CAP, Security+, GSEC, or equivalent cybersecurity certification.

Preferred Qualifications
  • 7+ years of experience supporting federal cybersecurity requirements, including FISMA, NIST 800-53, RMF, POA&M management, system assessment, or authorization activities.
  • 5+ years of experience developing or maintaining cybersecurity assessment documentation, control implementation statements, security plans, contingency plans, risk assessments, or security artifacts.
  • 5+ years of experience coordinating with system owners, security assessors, engineering teams, product teams, operations teams, or federal cybersecurity stakeholders.
  • 5+ years of experience supporting vulnerability management, incident response coordination, remediation tracking, control evidence collection, or cybersecurity reporting.
  • 3+ years of experience evaluating cybersecurity risks for new technologies, applications, integrations, SaaS platforms, cloud services, or system connections.
  • 3+ years of experience supporting cybersecurity governance for cloud, SaaS, application modernization, DevSecOps, data, or enterprise platform environments.
  • Experience supporting HHS, NIH, FDA, CMS, CDC, or other health-focused federal environments.
  • Experience with Zero Trust, identity and access management, endpoint security, secure cloud architecture, secure SaaS governance, TIC 3.0, or continuous monitoring.
  • Experience integrating cybersecurity requirements into Agile, DevSecOps, CI/CD, product delivery, and application modernization workflows.
  • Experience supporting ATO packages, security assessment activities, security control validation, audit responses, and independent verification or validation reviews.
  • Experience with cybersecurity tools and repositories used for POA&M tracking, vulnerability management, audit evidence, incident coordination, SIEM/SOAR, or continuous monitoring.
  • Experience aligning cybersecurity activities with NIST 800-53 Rev. 5, NIST 800-37, NIST 800-61, NIST 800-34, FedRAMP, FISMA, CISA guidance, or HHS security policy.
  • Experience developing cybersecurity dashboards, executive risk reporting, compliance scorecards, and metrics-based security governance materials.
  • Additional cybersecurity, cloud security, Agile, ITIL, AWS, Azure, Google Cloud, or project management certification.

Working at ICF
ICF is a global advisory and technology services provider, but we're not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future.
We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO policy.
We will consider for employment qualified applicants with arrest and conviction records.
Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email Candidateaccommodation@icf.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
Read more about workplace discrimination rights or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act.
Candidate AI Usage Policy
At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted. This policy is in place to maintain the integrity and authenticity of the interview process.
However, we understand that some candidates may require accommodation that involves the use of AI. If such an accommodation is needed, candidates are instructed to contact us in advance at candidateaccommodation@icf.com. We are dedicated to providing the necessary support to ensure that all candidates have an equal opportunity to succeed.
Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position.
The pay range for this position based on full-time employment is:
$158,819.00 - $269,993.00
Nationwide Remote Office (US99)

Apply