Enterprise Cybersecurity Change Management Lead
Listed on 2026-06-27
-
IT/Tech
Cybersecurity
Enterprise Cybersecurity Change Management Lead
The Opportunity:
The governance change management lead is responsible for designing, implementing, and leading an enterprise-wide governance framework that enables transformational change, continuous process redesign, and the end-to-end automation of complex, cross-functional GRC workflows. This role combines deep expertise in cybersecurity risk management, operational governance, and structured business process transformation to ensure new environments, systems, and services are introduced through a tightly controlled lifecycle from intake and Build, through Test and Authorization, to sustainable Operational Sustainment.
In this role, you will establish gated governance processes, implement risk-based decision frameworks, and align all review and approval activities with the organization’s cybersecurity threat model and enterprise risk taxonomy. Serving as a strategic advisor to business, IT, security, and executive stakeholders, you will ensure engineering innovation and velocity are balanced with robust security, compliance, and operational resilience. Due to the nature of work performed within this facility, U.S. citizenship is required.
Qualifications- 8+ years of experience in cybersecurity, risk management, or business process transformation roles, including driving large-scale process redesign and workflow automation.
- Experience establishing and managing Enterprise Architecture (EA) governance frameworks and Agile or Scrum governance models to ensure fast-paced engineering sprints remain aligned with corporate compliance standards.
- Experience with practical application of Business Process Management (BPM) principles and Lean Six Sigma methodologies to map, simplify, and automate manual GRC processes, successfully reducing cost, cycle times, and cognitive load for engineering teams.
- Experience leading structured Organizational Change Management (OCM) strategies to transition multi-disciplinary stakeholders through complex GRC modernization journeys, building trust and driving a cultural shift from “output-based” compliance to “outcome-based” engineering discipline.
- Experience launching and leading pilot programs, measuring operational performance against defined success metrics, and iterating on workflow solutions prior to full-scale enterprise launch.
- Experience conducting deep quantitative analysis on delivery performance data, including efficiency, speed, reliability, and cost.
- Experience identifying root causes of operational friction, improving operational SLA or SLOs, and transforming raw data into polished executive visual reports.
- Experience designing, defining, and standardizing core Key Performance Indicators (KPIs) and operational metrics to track the health and velocity of authorized environments.
- HS diploma or GED.
- 10+ years of experience in people management, coaching, and talent development for multi-disciplinary teams in change-intensive environments.
- Experience with Cyber Risk Management frameworks, common enterprise threat scenarios, and control alignment to key regulations such as NIST SP 800‑53, NIST SP 800‑171, CMMC Level 2, FedRAMP, or SOC 2 Type II.
- Experience with modern GRC platforms and automation tools, including Service Now and RSA Archer or comparable enterprise workflow engines.
- Ability to synthesize complex technical, operational, and architectural risks into pragmatic solutions for senior executive leadership.
- Certifications such as Lean Six Sigma Green or Black Belt, Certified Scrum Master (CSM), PMP, CISSP, or Certified in Governance, Risk and Compliance (CGRC).
The projected compensation range for this position is $ to $ annualized USD. Salary is determined by location, education, skills, and experience. This posting will close within 90 days from the posting date.
EEO StatementAll qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).