Senior Manager, Compliance & Government Security

Company Description

Zayo provides mission-critical bandwidth to the world's most impactful companies, fueling the innovations that are transforming our society. Zayo's 141,000-mile network in North America and Europe includes extensive metro connectivity to thousands of buildings and data centers. Zayo's communications infrastructure solutions include dark fiber, private data networks, wavelengths, Ethernet, and dedicated Internet access. Zayo serves wireless and wireline carriers, media, tech, content, finance, healthcare and other large enterprises.

Our Manager III, Compliance & Government Security is a senior enterprise leader within the Governance, Risk, and Compliance organization with direct ownership of the company's government security and enterprise compliance programs.

This role holds formal appointment as Facility Security Officer (FSO) and Information Technology Principal Security Officer (ITPSO) and maintains enterprise accountability for the company's Facility Clearance (FCL) and safeguarding of regulated information systems and Controlled Unclassified Information (CUI).

The position leads a team of compliance professionals and is responsible for strategy, execution, and operational performance across federal frameworks including CMMC Level 2, NIST SP 800-171, DFARS, and FedRAMP, as well as commercial certifications including SOC 2 Type II, ISO/IEC 27001, and PCI DSS.

This role carries direct people leadership responsibility, cross-functional authority across IT, Production Networks, Security Operations, Legal, HR, and Sales, and material impact on protected federal revenue streams.

Responsibilities

Government Security & Clearance Leadership

* Serve as the formally appointed FSO responsible for maintaining the company's Facility Clearance (FCL).

* Serve as ITPSO with accountability for safeguarding covered information systems and CUI.

* Lead implementation and sustainment of CMMC Level 2, NIST SP 800-171, DFARS, and FedRAMP compliance programs.

* Interface directly with government representatives, assessors, and oversight agencies.

* Mitigate regulatory risks that could impact federal contract eligibility or revenue.

Enterprise Compliance Program Ownership

* Own enterprise compliance programs including SOC 2 Type II, ISO/IEC 27001, and PCI DSS.

* Design and harmonize control frameworks to reduce redundancy and increase operational efficiency.

* Lead readiness assessments, gap analyses, and remediation initiatives.

* Drive continuous monitoring and sustained compliance maturity.

Audit & Certification Leadership

* Lead all external audits and certification engagements across regulatory frameworks.

* Serve as executive liaison to auditors, C3PAOs, and certification bodies.

* Direct enterprise-wide remediation of findings with measurable closure objectives.

Cross-Organizational Leadership

* Establish compliance accountability across IT, Production Networks, Sales, Executive Leadership, Legal, and HR.

* Lead cross-functional teams to solve complex regulatory and contractual compliance challenges.

* Serve as executive compliance authority in customer engagements and RFP responses.

* Translate evolving federal mandates into scalable enterprise control implementations.

Organizational Leadership & Talent Management

* Directly manage a team of four or more compliance and government security professionals.

* Set strategic direction, performance objectives, and development plans.

* Allocate resources across concurrent regulatory initiatives based on risk and revenue impact.

* Build scalable program capabilities aligned to enterprise growth.

Qualifications

Required

* Minimum of eight (8) years of progressive experience in Governance, Risk, and Compliance with enterprise program ownership.

* Minimum of three (3) years of direct people leadership experience.

* Demonstrated experience managing U.S. Government compliance frameworks including CMMC, NIST SP 800-171, DFARS, and FedRAMP.

* Experience serving in or supporting FSO and ITPSO functions within a cleared environment.

* Experience leading SOC 2, ISO 27001, and PCI DSS certification programs.

* Experience interfacing directly with government officials and external auditors.

Preferred

* Eligible for formal FSO appointment under federal guidelines.

* Experience operating within telecommunications, infrastructure, cloud, or managed services sectors.

* Certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, or similar.

Estimated base salary range: $106,500 - $163,900 USD/annually.

The base pay range shown is a guideline and reasonable estimate for this role. It takes into account the wide variety of factors that are considered in making compensation decisions. Actual compensation offered may vary from the posted range based upon geographic location, work experience, skill level, certifications, and other business and organizational needs. Non- sales roles may be eligible to participate in a discretionary annual incentive plan. Sales roles may be eligible to participate in a sales incentive plan.

Additionally, this position may be eligible for certain benefits, such as health insurance, life insurance, disability retirement plans, paid time off.

The posting will be active for a minimum of 3 days. The active posting will continue to extend by 3 days until the position is filled.

Benefits, Rewards & Wellness

• Excellent Health, Dental & Vision Insurance

• Retirement 401(k) Savings Plan

• Generous paid time off policy including paid parental leave

Zayo provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, provincial or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.