The RMF/GRC Program Lead is responsible for overseeing the organization’s Risk Management Framework (RMF) and Governance, Risk, and Compliance (GRC) initiatives. This role ensures the development, implementation, and maintenance of security policies, procedures, and controls to meet regulatory and organizational requirements. The lead conducts risk assessments, coordinates audits, and manages compliance with federal and industry standards, while reporting risk and compliance metrics to senior leadership. Additionally, the RMF/GRC Program Lead educates teams on best practices and requirements pertaining to risk and compliance management.
Chickasaw Nation Industries, Inc. serves as a holding company with multiple subsidiaries engaged in several lines of business (Business Services, Health, Infrastructure and Engineering, Mission Optimization, Technology and Transportation) for the federal government and commercial enterprises. A portion of our profits is used to support Chickasaw citizens. We are proud to support the economic development and long-term viability of the Chickasaw Nation and its people. CNI offers premium benefits eligible on the first day of hire to full time employees; (Medical - Dental – Vision), Company Life Insurance, Short-Term and Long-Term Disability Insurance, 401(K) Immediate Vesting, Professional Development Assistance, Legal Aid Assistance Program, Family Planning / Fertility Assistance, Personal Time Off, and Observance of Federal Holidays.
As a federal contractor, CNI is a drug-free workplace and adheres to the Federal Controlled Substance Act.
ESSENTIAL REQUIREMENTS
Must be able to obtain and maintain the required customer clearance for access to systems, facilities, equipment and property.
KEY DUTIES AND RESPONSIBILITIES
Essential Duties and responsibilities include the following. Other duties may be assigned.
- Lead the Risk Management Framework (RMF) and Governance, Risk, and Compliance (GRC) programs for the organization.
- Develop and maintain policies, procedures, and controls to meet regulatory and organizational security requirements.
- Oversee risk assessments, gap analyses, and mitigation strategies for business units.
- Coordinate audits and ensure continuous compliance with federal and industry standards.
- Report risk status, compliance metrics, and remediation progress to senior leadership.
- Educate and advise teams on RMF/GRC practices and requirements.
EDUCATION AND EXPERIENCE
- Bachelor’s degree in Information Security, Risk Management, or related field; Master’s or MBA preferred.
- Minimum 6 years’ experience in GRC, risk management, or compliance leadership roles.
- Certifications such as CISM, CRISC, CGRC (CAP), or CISA.
- Expertise in regulatory frameworks (NIST, ISO 27001, FedRAMP, etc.) and risk management methodologies.
PHYSICAL DEMANDS
EOE including Disability/Vet
*Please note, that this position is contingent upon the award or funding. The essential duties, experience, education requirements, and salary are subject to change.*
The estimated pay range for this role is $140K to $150K, with the final offer contingent on location, skillset, and experience.
CNI offers a comprehensive benefits package that includes:
Medical
Dental
Vision
401(k)
Family Planning/Fertility Assistance
STD/LTD/Basic Life/AD&D
Legal-Aid Program
Employee Assistance Program (EAP)
Paid Time Off (PTO) – (11) Federal Holidays
Training and Development Opportunities
Your application submission will be considered for all potential employment opportunities with Chickasaw Nation Industries (CNI).
Canadian National Railway Company Calgary, Alberta, CAN Office
Calgary, Canada

.png)

.png)