2

Remote Crisc Jobs in Silver Spring, MD (NOW HIRING)

Remote Crisc information

See Silver Spring, MD salary details

$10

$17

$21

How much do remote crisc jobs pay per hour?

As of Jul 19, 2026, the average hourly pay for remote crisc in Silver Spring, MD is $17.33, according to ZipRecruiter salary data. Most workers in this role earn between $15.67 and $18.89 per hour, depending on experience, location, and employer.

What is the difference between Remote Crisc vs Remote CISSP?

AspectRemote CriscRemote CISSP
CertificationsCRISC (Certified in Risk and Information Systems Control)CISSP (Certified Information Systems Security Professional)
Work EnvironmentPrimarily risk management, compliance, and controls in IT securitySecurity architecture, policy development, and risk management in cybersecurity
Industry UsageIT risk, audit, and compliance sectorsCybersecurity leadership, consulting, and architecture roles

While both Remote Crisc and Remote CISSP focus on cybersecurity, CRISC emphasizes risk management and controls, often in audit and compliance roles. CISSP covers broader security architecture and policy development. The choice depends on your career focus: risk and controls or security leadership.

What are popular job titles related to Remote Crisc jobs in Silver Spring, MD? For Remote Crisc jobs in Silver Spring, MD, the most frequently searched job titles are:
What job categories do people searching Remote Crisc jobs in Silver Spring, MD look for? The top searched job categories for Remote Crisc jobs in Silver Spring, MD are:
What cities near Silver Spring, MD are hiring for Remote Crisc jobs? Cities near Silver Spring, MD with the most Remote Crisc job openings:
NIH - Lead Security Policy / Training Manager

NIH - Lead Security Policy / Training Manager

cFocus Software Incorporated

Bethesda, MD • On-site, Remote

Full-time

This job post has expired 1 day ago. Applications are no longer accepted.


Job description

cFocus Software seeks a Lead Security Policy / Training Manager to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 10+ years of experience in information security, cybersecurity governance, compliance, or security program management.
  • 5+ years leading enterprise security policy, governance, or awareness programs.
  • Experience supporting Federal civilian agencies or other large enterprise organizations.
  • Experience developing information security policies aligned with Federal cybersecurity requirements.
  • Experience designing and managing enterprise cybersecurity awareness and training programs.
  • Experience supporting executive-level governance initiatives.
  • Preferred certifications: CISSP, CGRC, CISM, CRISC, GSLC, CIPM, CIPP/US, HCISPP, CPTM, CPTD, or PMP

Duties:
  • Lead the development, review, revision, and maintenance of NIH/OD information security policies, standards, procedures, and governance documentation.
  • Establish and maintain an enterprise Information Security Policy Management Strategy.
  • Ensure policy documentation remains aligned with NIH, HHS, OMB, DHS, NIST, FISMA, Executive Orders, and other Federal cybersecurity requirements.
  • Develop governance processes for policy lifecycle management, approval, publication, version control, and annual review.
  • Maintain the inventory of all NIH/OD information security policies and supporting documentation.
  • Coordinate policy reviews with Government stakeholders and technical subject matter experts.
  • Monitor emerging Federal cybersecurity legislation, Executive Orders, OMB memoranda, NIST Special Publications, HHS directives, CISA guidance, and other regulatory requirements.
  • Analyze the operational impact of new cybersecurity policies affecting NIH/OD.
  • Identify compliance gaps and recommend implementation strategies.
  • Prepare formal policy analysis reports for NIH leadership.
  • Brief executive leadership on regulatory changes and implementation priorities.
  • Support strategic planning for future policy adoption.
  • Lead and manage the NIH/OD Information Security Awareness Program.
  • Develop annual security awareness strategies and implementation plans.
  • Design awareness campaigns addressing current cyber threats and user risks.
  • Promote a culture of cybersecurity throughout the NIH organization.
  • Measure program effectiveness through metrics and user participation.
  • Develop continuous improvement initiatives for security awareness.
  • Design, develop, coordinate, and oversee enterprise cybersecurity training programs.
  • Develop role-based security training for technical and non-technical personnel.
  • Coordinate instructor-led training sessions, webinars, workshops, and awareness events.
  • Develop online learning content supporting NIH security objectives.
  • Ensure mandatory cybersecurity awareness training meets Federal requirements.
  • Evaluate training effectiveness through assessments and feedback.