Information Security Assurance Assistant Group Supervisor

Are you passionate about being on a team of highly skilled, motivated and dedicated professionals charged with protecting sensitive data while supporting the JHU/APL mission?

Do you want to integrate cybersecurity and compliance within our enterprise, sector and department networks?

Are you passionate about protecting our Nations sensitive information?

If so, we're looking for someone like you to join our team at APL

We are seeking an Assistant Group Supervisor (AGS) in Information Security Assurance (ISA) to partner with the Group Supervisor in leading a high performing organization of cybersecurity professionals. This role operates within a shared leadership model, where the AGS and Group Supervisor share responsibilities across the two primary pillars of the group; threat detection and compliance, ensuring seamless leadership coverage across both domains. This AGS role will focus primarily on the compliance pillar.

As the ISA Assistant Group Supervisor, you will serve as a strategic and operational leader responsible for:...

Shared Leadership Model
* Partner closely with the Group Supervisor to align strategy, priorities, and execution across the ISA Group
* Share responsibility for overall group performance, section leadership, and staff engagement
* Provide full leadership coverage in the absence of the Group Supervisor and across all ISA functions as needed
* Ensure seamless integration and coordination between all sections and responsibility pillars

Operations Leadership
* Lead the maturation of ISA's cybersecurity risk management and compliance program
* Provide strategic oversight of the Laboratory's compliance posture with government regulations with a primary focus on CMMC and NIST SP 800-171 requirements
* Collaborate with business areas and technical staff to support compliance assessments and serve as a key liaison with Certified Third-Party Assessment Organizations (C3PAOs)
* Drive a risk-based, "how do we get to yes" approach that balances compliance requirements, operational needs, and practical risk management
* Establish and maintain processes for risk identification, assessment, acceptance, and mitigation
* Provide oversight for security assessments, audits, and continuous monitoring activities
* Lead the Laboratory's CMMC assessment program, including oversight of C3PAO relationships and preparation for annual affirmations of compliance across the organization
* Provide guidance on cybersecurity requirements contained in RFIs, RFPs, and contracts to ensure compliance obligations are clearly understood and appropriately addressed
* Lead the buildout of posture monitoring, configuration management, and cloud compliance capabilities across ISA sections
* Ensure continuous monitoring principles are operationalized and aligned with both compliance requirements and the broader threat detection and response
* Lead the hiring and development of section leadership and staff as the sections mature

Organizational Leadership
* Ensure Section Supervisors are effectively managing staff performance, development, and accountability within their respective security functions
* Identify and develop high-potential staff and build leadership bench strength across the broader ISA Group
* Ensure staff are provided meaningful opportunities for growth aligned with organizational needs
* Provide expert guidance on complex risk decisions, including exception handling and compensating controls
* Partner with threat detection and incident response leadership to maintain feedback loops between detection findings and control improvements
* Leverage data and analytics to identify systemic risks, control gaps, and trends across the security program
* Provide executive management awareness of the ongoing state of compliance across the enterprise

You meet our minimum qualifications for the job if you...

• Have a Bachelor's degree in Cybersecurity, Computer Science, Information Systems, a related field, or requisite experience
• Have at least 7 years of experience in cybersecurity, with significant experience in governance, risk, and compliance
• Have at least 5 years of experience leading and/or managing teams with demonstrated ability to exercise sound judgment and discretion
• Have strong working knowledge of NIST SP 800-171 and applicable federal cybersecurity compliance frameworks
• Demonstrate the ability to translate policy and regulatory requirements into actionable security practices
• Have experience balancing mission needs with security and compliance requirements in complex environments
• Have familiarity with cloud security architectures, identity-first security models, or modern data platforms
• Have experience using data and metrics to drive risk-based decisions
• Possess excellent interpersonal, written, and oral communication skills, with a proven ability to operate effectively at all levels of leadership
• Are able to obtain a Secret security clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.

You'll go above and beyond our minimum requirements if you...

• Have a Master's degree in Cybersecurity, Computer Science, Information Systems, a related field, or requisite experience, including significant cybersecurity leadership experience spanning both GRC and security operations
• Have experience standing up or restructuring security operations functions, including defining mission scope and building teams
• Have experience leading organizational transformation or modernization initiatives within a cybersecurity program
• Have experience integrating security telemetry, behavioral analytics, or automated tooling into compliance or risk management workflows
• Have experience implementing quantitative or risk-based decision frameworks
• Hold relevant professional certifications (e.g., CISSP, CISM, CRISC)
• Have an understanding of attack methodologies used by Nation State actors and the ATT&CK matrix to effectively assess risk

Why Work at APL?

The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation's most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates.

At APL, we celebrate our differences of perspectives and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance. APL's campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities athttp://www.jhuapl.edu/careers.

All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law.APL is committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contactAccommodations@jhuapl.edu.

The referenced pay range is based on JHU APL's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level with consideration for internal parity. For salaried employees scheduled to work less than 40 hours per week, annual salary will be prorated based on the number of hours worked. APL may offer bonuses or other forms of compensation per internal policy and/or contractual designation. Additional compensation may be provided in the form of a sign-on bonus, relocation benefits, locality allowance or discretionary payments for exceptional performance. APL provides eligible staff with a comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development. Applications are accepted on a rolling basis.