[Contingent] Cybersecurity Program Manager (Executive Advisor)

Phia LLC• Fairfax, VA, US, VA

1d•Hybrid

About The Position

This position is in support of a current government proposal and employment is contingent upon contract award. Phia is seeking a Senior Cybersecurity Program Manager (Executive Advisor) to serve as the most senior cybersecurity voice on a federal program. This role involves advising executive leadership on enterprise-wide cybersecurity strategy, risk, and compliance, while also providing overall program management for Phia's contract team. It requires a dual-hat leadership approach, blending deep technical credibility with executive-level communication skills. The selected candidate will advise senior federal government officials on cybersecurity strategy, risk management, zero trust adoption, and federal compliance priorities. They will oversee the Phia program team's delivery, represent the client in interagency cybersecurity working groups, and translate complex technical risks into clear, mission-focused guidance for decision-makers.

Requirements

15+ years of experience with FISMA, FedRAMP, NIST frameworks, CISA guidance, the Privacy Act, and OMB A-130 and understand how these frameworks interact in a large federal agency environment.
Successfully managed large, multi-task federal cybersecurity programs: understand EVM, integrated master scheduling, staffing management, and what it takes to sustain a high-performing technical team.
Led or advised federal Insider Threat programs and understand the legal, privacy, and civil liberties sensitivities involved in operating such a program.
Understand zero trust architecture principles and have advised on or overseen ZTA adoption in a federal enterprise setting.
Master's degree in Cybersecurity required
20+ years of experience in IT and Cybersecurity
15+ years advising CISO, CIO, and executive leadership on enterprise cybersecurity strategy, risk management, and federal compliance
10+ years delivering executive briefings that translate technical risks into mission-impact terms
Project Management Professional (PMP) - required
Certified Information Security Manager (CISM - ISACA) - required
Minimum one (1) of: CISA (ISACA), CRISC (ISACA), CISSP (ISC2), CGRC (ISC2)
Public Trust / Suitability clearance required
Must be a U.S. Citizen.

Nice To Haves

Prior experience advising a federal agency CISO or CIO on enterprise cybersecurity strategy
Experience with interagency cybersecurity coordination
Familiarity with Executive Order 14028 (Improving the Nation's Cybersecurity) and its implementation requirements for federal agencies
Experience with ISO 27001 and HIPAA governance frameworks in addition to FISMA/NIST
Prior experience supporting or leading a National Insider Threat Task Force member organization
Experience with advanced analytic tools for insider threat detection and behavioral analysis

Responsibilities

Advise senior federal executive leadership (CISO, CIO, and above) on enterprise-wide cybersecurity strategy, risk management, and compliance priorities aligned with FISMA, FedRAMP, the Privacy Act, NIST frameworks, and CISA guidance.
Act as the senior cybersecurity program advisor, providing executive-level decision support on policy, governance, technology investments, and modernization initiatives including zero trust architecture adoption and cloud migration security.
Oversee the development and implementation of enterprise cybersecurity policies, standards, and procedures to ensure mission resilience and regulatory compliance.
Manage the phia program: serve as the primary point of contact for all contract actions, oversee all contractor activities and deliverables, manage cost, schedule, and technical performance, and provide regular program status reporting.
Guide incident response and crisis management efforts, briefing senior leadership during significant security events and coordinating with federal law enforcement and interagency partners.
Direct enterprise risk assessments and security posture evaluations; identify systemic risks and prioritize remediation across critical systems.
Lead and advise on Insider Threat program activities: maintain compliance with applicable federal Insider Threat policies, perform program assessments, develop annual program reports, maintain interagency liaison relationships, and research advanced analytic tools for insider threat detection.
Represent the client organization in interagency cybersecurity working groups and task forces.
Deliver regular executive briefings to senior leadership, translating complex technical risks into actionable, mission-impact terms.
Mentor senior security managers and technical staff; build organizational cybersecurity capacity and support succession planning for key security leadership roles.