The RMF/GRC Program Lead is responsible for overseeing the organization’s Risk Management Framework (RMF) and Governance, Risk, and Compliance (GRC) initiatives. This role ensures the development, implementation, and maintenance of security policies, procedures, and controls to meet regulatory and organizational requirements. The lead conducts risk assessments, coordinates audits, and manages compliance with federal and industry standards, while reporting risk and compliance metrics to senior leadership. Additionally, the RMF/GRC Program Lead educates teams on best practices and requirements pertaining to risk and compliance management.
Chickasaw Nation Industries, Inc. serves as a holding company with multiple subsidiaries engaged in several lines of business (Business Services, Health, Infrastructure and Engineering, Mission Optimization, Technology and Transportation) for the federal government and commercial enterprises. A portion of our profits is used to support Chickasaw citizens. We are proud to support the economic development and long-term viability of the Chickasaw Nation and its people. CNI offers premium benefits eligible on the first day of hire to full time employees; (Medical - Dental – Vision), Company Life Insurance, Short-Term and Long-Term Disability Insurance, 401(K) Immediate Vesting, Professional Development Assistance, Legal Aid Assistance Program, Family Planning / Fertility Assistance, Personal Time Off, and Observance of Federal Holidays.
As a federal contractor, CNI is a drug-free workplace and adheres to the Federal Controlled Substance Act.
ESSENTIAL REQUIREMENTS
Must be able to obtain and maintain the required customer clearance for access to systems, facilities, equipment and property.
KEY DUTIES AND RESPONSIBILITIES
Essential Duties and responsibilities include the following. Other duties may be assigned.
- Lead the Risk Management Framework (RMF) and Governance, Risk, and Compliance (GRC) programs for the organization.
- Develop and maintain policies, procedures, and controls to meet regulatory and organizational security requirements.
- Oversee risk assessments, gap analyses, and mitigation strategies for business units.
- Coordinate audits and ensure continuous compliance with federal and industry standards.
- Report risk status, compliance metrics, and remediation progress to senior leadership.
- Educate and advise teams on RMF/GRC practices and requirements.
EDUCATION AND EXPERIENCE
- Bachelor’s degree in Information Security, Risk Management, or related field; Master’s or MBA preferred.
- Minimum 6 years’ experience in GRC, risk management, or compliance leadership roles.
- Certifications such as CISM, CRISC, CGRC (CAP), or CISA.
- Expertise in regulatory frameworks (NIST, ISO 27001, FedRAMP, etc.) and risk management methodologies.
PHYSICAL DEMANDS
EOE including Disability/Vet
*Please note, that this position is contingent upon the award or funding. The essential duties, experience, education requirements, and salary are subject to change.*
The estimated pay range for this role is $140K to $150K, with the final offer contingent on location, skillset, and experience.
CNI offers a comprehensive benefits package that includes:
Medical
Dental
Vision
401(k)
Family Planning/Fertility Assistance
STD/LTD/Basic Life/AD&D
Legal-Aid Program
Employee Assistance Program (EAP)
Paid Time Off (PTO) – (11) Federal Holidays
Training and Development Opportunities
Your application submission will be considered for all potential employment opportunities with Chickasaw Nation Industries (CNI).
Similar Jobs
What you need to know about the Los Angeles Tech Scene
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering


