Organizational Alignment

This position reports to the Vice President, Cybersecurity Risk & Compliance Services (CRCS) and leads C2 Labs' government compliance delivery practice. The Lead/Manager, GovCon is responsible for delivering cybersecurity compliance services supporting federal agencies, government contractors, and regulated organizations, with an emphasis on Civilian RMF, DoD RMF, FedRAMP, DoD Cloud Computing SRG, and related government frameworks. This role oversees customer delivery, personnel management, quality assurance, resource planning, and capability development across government-focused engagements.

 
Position Summary
C2 Labs is seeking a Senior Manager, GovCon to lead and scale the company's government compliance practice. This individual will oversee the successful delivery of cybersecurity compliance engagements supporting federal, defense, and government contractor customers. The Senior Manager will establish scalable delivery models, develop reusable accelerators, and ensure consistent, high-quality execution across all government-focused engagements.

 
Key Responsibilities
Lead the GovCon practice; establish strategic objectives and KPIs; oversee customer delivery; develop scalable methodologies and accelerators; manage staffing, utilization, and budgets; support capture and proposal activities; establish quality standards; capture lessons learned; and collaborate with the AI & Innovation team to integrate AI and Compliance Intelligence capabilities into delivery workflows.

Service Portfolio Management
Manage and evolve service offerings including security authorization support, Civilian RMF, DoD RMF, Continuous Monitoring (ConMon), security authorization package development, security assessment support, OSCAL implementation, and Continuous Authority to Operate (cATO) services.

 
Required Skills
8+ years of cybersecurity compliance experience and 3+ years leading teams, programs, or service lines. Deep expertise in Civilian RMF, DoD RMF, or DoD Cloud Computing SRG is required, along with strong knowledge of NIST SP 800-53, NIST SP 800-37, NIST SP 800-60, FIPS 199, continuous monitoring, and authorization package development.

 
Strongly Preferred
Experience with RegScale, eMASS, Xacta, ServiceNow GRC, Archer, OSCAL, cloud security architectures, and government cloud environments. Certifications such as CISSP, CISM, and CGRC are highly desirable.

 
Government Experience
·         Federal agencies

·         Defense organizations

·         Government contractors

·         FedRAMP-authorized environments

 
Certifications 
One or more of the following:

·         CISSP

·         CISM

·         CGRC

 
Education & Experience
·         Bachelor's degree in Cybersecurity, Information Systems, or related field.

·         Experience working in consulting, managed services, or professional services organizations strongly preferred.

·         U.S. Citizenship.

·         Ability to obtain and maintain government suitability requirements as needed.

EEO STATEMENT: 

We are an equal opportunity employer. All qualified applicants will be considered without discrimination based on race, color, religion, sex, national origin, age, disability, or protected veteran status. Employment offers will be contingent on passing a pre-employment background and drug screen.