Director of Compliance - Chief Information Digital Office

RELOCATION ASSISTANCE: No relocation assistance available CLEARANCE TYPE: Secret TRAVEL: Yes, 10% of the Time **Description** At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. The Director, CIDO Compliance is a senior leadership role accountable for developing and executing a comprehensive compliance strategy across the CIDO organization. The position drives the creation of the CIDO Compliance Charter and Annual Plan, ensuring that all information systems adhere to internal policies, regulatory frameworks, and external standards. The role partners with Cybersecurity, IT Operations, Internal Audit, Legal, and Sector CIDOs to implement continuous compliance monitoring, incorporate compliance-by-design practices, and manage key compliance initiatives such as CMMC, SOX, and Internal Audit outcomes. **This position is based out of Falls Church, VA but can also be filled at any of Northrop Grumman's major locations.** **ESSENTIAL FUNCTIONS** - Develop and execute a comprehensive CIDO-wide compliance strategy, including the creation of the CIDO Compliance Charter and Annual Plan. - Ensure adherence to internal policies, regulatory frameworks, and external standards across all information systems. - Implement continuous compliance monitoring capabilities and embed compliance-by-design practices into enterprise operations. - Oversee the implementation and ongoing validation of critical compliance initiatives, including CMMC practices, SOX compliance, and remediation of Internal Audit outcomes and actions. - Ensure evidence-based compliance for all unclassified and classified information systems across the enterprise. - Partner with Cybersecurity, IT Operations, and Sector CIDOs to drive the consistent implementation and management of compliance activities and reporting. - Define success metrics and establish improvement plans for operational activities, such as patching and internal phishing tests. - Develop and maintain a centralized control repository, metrics dashboard, and executive-level compliance reports for senior leadership. - Identify and leverage automation tools to streamline compliance checks and reduce manual efforts. **BASIC QUALIFICATIONS** - Bachelor's degree in Information Technology, Cybersecurity, Business Administration, or a related field. - A minimum of 12 years of progressive experience in compliance, cybersecurity, or IT governance, with at least 5 years in a senior management or director-level role. - Demonstrated experience in developing and executing long-term compliance strategies within complex, highly regulated environments. - Proven knowledge and hands-on experience with compliance initiatives such as CMMC, SOX, and IT General Controls (ITGC). - This position may require the ability to obtain or maintain a government security clearance. **PREFERRED QUALIFICATIONS** - Master's degree in Cybersecurity, Information Assurance, Business Administration, or a related discipline. - Relevant professional certifications (e.g., CISM, CRISC, CISSP, or similar). - Prior experience in the defense, aerospace, or high-technology sectors. - Proven track record in establishing control libraries, accountability models, and compliance governance forums. - Experience working with regulatory frameworks including DFARS, NIST SP 800-171, NIST SP 800-53, SOX, and DCAA. **KEY SKILLS & COMPETENCIES** - Ability to design and execute a long-term compliance roadmap that supports business strategy and regulatory requirements. - Expertise in establishing control libraries, accountability models, and effective compliance governance forums. - Strong stakeholder diplomacy - ability to balance regulatory rigor with operational practicality and foster cross-functional influence. - Change leadership skills with a demonstrated ability to shift organizational culture toward proactive compliance. - Advanced analytical and risk management skills with a focus on technical and regulatory compliance. - Technical expertise in industry standards and regulatory frameworks including CMMC, DFARS, NIST SP 800-171, NIST SP 800-53, SOX, DCAA, and ITGC controls. **TRAVEL** - This position may require up to 10-15% domestic travel for compliance reviews, stakeholder engagements, and audit assessments. Primary Level Salary Range: $176,100.00 - $305,900.00 The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business. The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.