Security​/Compliance Manager

About NDi

Network Designs, Inc. (NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers. Founded in 1985, NDi's firmly defined core values have driven all aspects of the business, which have been paramount to our company’s success and the establishment of an enjoyable workplace atmosphere. At NDi, we believe that our people are the cornerstone of our success, and we value collaboration, career growth, and winning ideas.

Military Veterans Encouraged to Apply.

The Security/Compliance Manager will be responsible for overseeing security controls, compliance activities, and continuous monitoring to ensure VESEE systems meet VA cybersecurity, privacy, and regulatory requirements. This role provides governance and coordination across delivery teams, ensuring security controls are implemented, assessed, documented, and sustained in alignment with VA standards, FISMA, and ATO requirements.

• U.S Citizenship required.
• Must be able to obtain and maintain a Public Trust clearance
• This position is remote but may require occasional onsite meetings in McLean, VA.
• You can be based out of following states: AZ, DC, FL, GA, OH, ME, MD, SC, TX, UT, VA, NC, OK, WV.

• Bachelor's Degree in Cybersecurity, Information Technology, Information Assurance, or a related field.
• At least 7 years of experience in security compliance, RMF, or federal cybersecurity roles.
• Strong experience with RMF control implementation and assessment.
• Experience managing ACAS vulnerability scanning and reporting.
• Experience with SCAP compliance checks and STIG application.
• Hands‑on experience with eMASS documentation and POA&M management.
• Experience overseeing HBSS/ESS host security monitoring.
• Experience reviewing Nessus/Tenable plugin results and coordinating remediation.
• Experience supporting continuous monitoring aligned with FISMA and ATO requirements.
• Experience managing audit log retention and review across Oracle DB, Oracle Web Logic, and Kubernetes platforms.
• Experience enforcing privilege and access control alignment with VA baseline standards.
• Strong organizational, analytical, and communication skills.
• Ability to lead cross‑functional teams and manage multiple compliance priorities.

• Experience supporting VA systems or other federal agency environments.
• Experience managing security compliance across large, multi‑team delivery programs.
• Relevant certifications such as CISSP, CISM, or equivalent federal cybersecurity certifications

• Oversee implementation and maintenance of security controls across VESEE systems and environments.
• Ensure alignment of security practices with VA cybersecurity, privacy, and regulatory requirements.

• Lead RMF control implementation, assessment coordination, and ongoing control effectiveness monitoring.
• Oversee SCAP compliance checks and STIG application activities.
• Coordinate ACAS vulnerability scanning, reporting, and remediation tracking.

• Manage continuous monitoring workflows aligned with FISMA and VA ATO sustainment requirements.
• Ensure security posture is maintained through regular assessments, scans, and evidence collection.

• Oversee eMASS control package documentation, updates, and submissions.
• Manage POA&M development, tracking, and remediation coordination.

• Review ACAS and Nessus/Tenable scan outputs.
• Coordinate remediation activities across technical teams and track resolution status.
• Ensure vulnerabilities are prioritized and addressed in accordance with VA policies.

• Oversee host‑based security monitoring using HBSS/ESS.
• Ensure audit log retention and review requirements are met across Oracle DB, Oracle Web Logic, and Kubernetes container platforms.

• Ensure privilege and access controls align with VA baseline standards.
• Oversee review and validation of role…