TD SYNNEX is seeking a Manager of Cybersecurity Governance, Risk, and Compliance (GRC) to lead key initiatives across policy, risk, and compliance—with a particular focus on driving the company’s CMMC readiness and implementation efforts. This role reports to the Senior Director of Global GRC, who leads the overall security governance strategy, while this position will own and manage day-to-day execution of CMMC and NIST-related workstreams.
The ideal candidate brings deep experience with NIST SP 800-171, CMMC, and ISO/IEC 27001, along with exceptional communication, policy development, and program management skills.
Lead the strategy, execution, and continuous improvement of the company’s CMMC compliance program, including gap assessments, remediation plans, documentation, and coordination with internal and external stakeholders.
Develop, update, and maintain cybersecurity policies and standards in alignment with NIST and ISO 27001 frameworks.
Serve as a key liaison to external consultants, auditors, and government partners related to CMMC and other compliance efforts.
Manage the internal security risk register and perform formal risk assessments using industry-standard methodologies.
Conduct and oversee third-party/vendor risk assessments and support procurement with security reviews of new vendors.
Develop and present security and compliance dashboards, risk reports, and executive summaries to leadership.
Contribute to cross-functional GRC projects and initiatives, including awareness training, internal control reviews, and audit readiness.
Provide subject matter expertise in cybersecurity frameworks, compliance requirements, and security best practices.
Support internal audits and external assessments, including ISO 27001 surveillance and certification audits.
7+ years of experience in cybersecurity, information security, or GRC, with 3+ years in a role directly responsible for compliance program execution.
Strong expertise with NIST SP 800-171, CMMC and ISO/IEC 27001 frameworks.
Certified CMMC Professional (CCP) or Certified CMMC Assessor (CCA) highly preferred.
Demonstrated experience writing, reviewing, and managing security policies and control documentation.
Strong track record of leading compliance readiness efforts or external certification projects.
Skilled at developing executive-level metrics and risk reporting.
Excellent written and verbal communication skills; able to collaborate with both technical and non-technical stakeholders.
Project management experience is a plus.
Familiarity with government contracting or defense industry cybersecurity requirements.
Experience with GRC or risk management platforms (e.g., OneTrust, ServiceNow GRC, Archer, Vanta).
Working Conditions:
Occasional non-standard work hours or overtime as business requires.
On-call availability required as necessary.
Some travel required.
What’s In It For You?
Don’t meet every single requirement? Apply anyway.
At TD SYNNEX, we’re proud to be recognized as a great place to work and a leader in the promotion and practice of diversity, equity and inclusion. If you’re excited about working for our company and believe you’re a good fit for this role, we encourage you to apply. You may be exactly the person we’re looking for!
We are an equal opportunity employer and committed to building a team that represents and empowers a variety of backgrounds, perspectives, and skills. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity or expression, sexual orientation, protected veteran status, disability, genetics, age, or any other characteristic protected by law.
TD SYNNEX is an E-Verify company