Governance, Risk, and Compliance (GRC) Manager (002-26)

Iviry, LLC is affiliated with Anglicotech, LLC. Iviry is seeking an energetic, self-motivated technically proficient Compliance Manager with immediate availability who wants to take ownership of our existing cyber compliance program and take it to the next level. The role blends governance, risk, and compliance (GRC) expertise with hands-on technical implementation and project management execution, enabling the individual to both recommend and execute remediation activities tied to compliance findings. We’re looking for someone who will thrive in a challenging and rewarding process-oriented operational environment and share our culture of teamwork, collaboration, growth, and dedication to mission. This role will offer ample independent and team-based opportunities for the qualified candidate to exercise their technical cyber/sysadmin skills as well as demonstrate and grow their project management capability. Limited travel may be required. Location This position is a remote position, with a preference for close proximity to Arlington, Virginia. Salary

• A salary range of $90,000-115,000 is available for this position commensurate with education, years of experience, and qualifications.

Responsibilities

Compliance, Governance & Risk (≈80%)

• Lead compliance assessments and gap analyses against established frameworks, primarily NIST SP 800-171 and CMMC.
• Develop, review, and maintain security policies, standards, procedures, and system security documentation.
• Identify control deficiencies and generate detailed POA&Ms, including root cause analysis, remediation steps, ownership, and timelines.
• Track POA&M progress and provide status reporting to internal stakeholders and customers.
• Perform risk assessments and assist with control selection, tailoring, and implementation guidance.
• Support audit readiness efforts, including evidence collection, control validation, and assessor coordination.
• Provide subject matter expertise to customers on compliance requirements and best practices.
• Assist with compliance roadmaps, maturity planning, and long-term risk reduction strategies. Technical Remediation & Project Implementation (≈20%)
• Work directly with customers to implement technical and procedural remediation activities tied to POA&M findings.
• Execute security and compliance-related projects such as:
• Identity and access management improvements
• Endpoint security and configuration hardening
• Logging, monitoring, and alerting enhancements
• Secure configuration of Microsoft 365, Entra ID, Intune, or similar platforms
• Validate implemented controls to ensure compliance objectives are met.
• Provide technical guidance and hands-on support when customers lack internal resources.
• Document implemented solutions and align them with compliance control requirements.

Required Qualifications

• Must be a U.S. Citizen.
• High School Diploma or equivalent required.
• 3+ years of experience in cybersecurity, GRC, or compliance-focused roles.
• Hands-on experience performing compliance gap analyses and developing POA&Ms.
• Strong working knowledge of at least one major compliance framework (NIST, CMMC, ISO, SOC 2, HIPAA, etc.).
• Ability to translate compliance requirements into practical, technical solutions.
• Experience working directly with customers or stakeholders in advisory or implementation roles.
• Strong documentation, organization, and project coordination skills.

Preferred Qualifications

• Experience supporting regulated or government-aligned environments.
• Familiarity with Microsoft security and compliance tooling.
• Experience managing remediation projects or acting as a technical project lead.
• Relevant certifications such as:
• CompTIA Security+, CySA+, CASP+/ SecurityX
• CISM, CRISC, CISSP
• ISO 27001 Lead Implementer/Auditor
• Cyber AB RP/CCA/CCP (if applicable)
• Bachelor's or Master's Degree in Computer Science, Information Technology, Business, Education, Information Security, Information Systems, Engineering, Technical, Management Information Systems, Technology preferred but significant experience in a complex learning environment can be substituted. Key Skills & Competencies
• Must be a U.S. Citizen.
• Timeliness and accuracy of work is essential.
• A passion for Information Technology, Security and Compliance.
• Strong understanding of how technical controls map to compliance requirements.
• Ability to balance policy, risk, and implementation responsibilities.
• Comfortable owning findings from identification through remediation.
• Clear communicator with both technical and non-technical audiences.
• Must be able to work equally well independently or in a team environment.
• Self-directed and capable of operating in ambiguous or evolving environments.
• Must be able to multi-task and dynamically adjust priority of effort.
• Experience working within an ITIL v3/v4 framework is expected. About Iviry Iviry, LLC is a well-established, rapidly growing, veteran-owned IT services company pr

Apply tot his job Apply To this Job