• Manage the Information Assurance Control Calendar by completing assigned compliance activities (e.g., access reviews) and coordinating with stakeholders to ensure periodic tasks (e.g., contingency and incident response plan testing) are completed on schedule. • Ensure company policies, plans, procedures, and standards are reviewed and updated regularly for accuracy and compliance. • Maintain and manage the Plan of Action & Milestones (POA&M) for FedRAMP, CMMC, and internal findings to ensure timely resolution of security gaps. • Lead and facilitate monthly FedRAMP meetings, providing authorizing officials with briefings on all deliverables and program status. • Lead and oversee the company’s supply chain risk management program, conducting risk assessments for all new and existing vendors, suppliers, and services. • Lead the CVE (Common Vulnerabilities and Exposures) meeting, providing detailed explanations of vulnerabilities, their impact, and recommended remediation steps to relevant stakeholders. • Assist the Governance Risk & Compliance Manager in preparing for external assessments (e.g., FedRAMP audits, SOC 2 attestations) by maintaining audit-ready documentation, collecting evidence, and coordinating with stakeholders during the process. • Ensure all personnel complete mandatory training during onboarding and on a periodic basis as required, and collaborate with relevant teams to develop and update training materials yearly based on evolving security protocols and company requirements. • Support current and potential customers by providing detailed and timely responses to Requests for Information (RFI). • Ensure continuous adherence to established regulatory frameworks, including FedRAMP, ISO 27001, CMMC, SOC 2, HIPAA, GDPR, and PCI DSS.