Cybersecurity Program Manager (GRC)

About The Position

Requirements

• Active PMP, CISSP, and CISM certifications
• Bachelor’s Degree in IT, Cybersecurity, Business, or related
• 15+ years managing GRC-centric cybersecurity programs with at least 25 people
• 5+ years leading IT security audits including FISMA, FISCAM, IRS, OIG, etc
• 1+ years leading FISMA metrics reporting
• 1+ years leading cybersecurity shared services (e.g., SOC-aaS, GRC-aaS)
• Clearance: Active Top Secret clearance
• Experience with IT Security Assessment & Authorization (SA&A) processes and documentation sufficient to mentor and advise team members
• Experience with GRC tools such as vulnerability management, vulnerability scanning, endpoint management, data protection, SIEM, and GRC automation platforms
• Expert-level command of the English language (oral and written), with experience interacting effectively at the CIO and CISO levels of large organizations
• Expert-level organizational skills and ability to keep a multitude of tasks and projects on track at all times and with minimal supervision

Nice To Haves

• Prior experience as an ISSO/ISSM/ISSE or SCA

Responsibilities

• Fully accountable for planning, organizing, and executing all aspects of program scope, schedule, cost, technical, and staffing performance and activities on complex cybersecurity contracts to ensure exceptional service delivery
• Manage subcontractors to ensure their strict adherence to AnaVation and client standards of quality and performance; provide a “one team” view to the client
• Ensure timely, complete, high-quality contract deliverables; ensure SLOs are met or exceeded 100% of the time
• Interface with client’s senior management personnel, including briefings up to CIO/CISO level
• Lead IT Security Audits including FISMA, FISCAM, IRS, and OIG
• Leverages industry knowledge, best practices, lessons learned and stakeholder feedback to develop, implement and continuously improve GRC services
• Optimize processes to maximize efficiencies within the team and program, including GRC automation and functional integration across task areas and teams
• Be a positive change agent, both within and outside the organization; propagate our corporate culture throughout the program
• Lead risk management activities, including identification and recommended mitigations; track and manage risks and issues through closure
• Build, grow, and develop high-performing teams aligned with the client’s mission and strategy
• Manage program personnel to include interviewing, hiring, performance evaluations, compensation, and training and development
• Guide and mentor subordinate managers, team leads, and staff
• Work closely with the client to function as the single point of contact and accountability, ensuring that all technical work, communications, and decision-making remain aligned, timely, and defensible
• Serve as Quality Control Manager ensuring all deliverables and assigned tasks meet QASP requirements
• Must have the ability to work in a dynamic environment and adapt to changing conditions
• Must possess a high degree of originality, creativity, and initiative requiring minimal supervision

Benefits

• Generous cost sharing for medical insurance for the employee and dependents
• 100% company paid dental insurance for employees and dependents
• 100% company paid long-term and short-term disability insurance
• 100% company paid vision insurance for employees and dependents
• 401k plan with generous match and 100% immediate vesting
• Competitive Pay
• Generous paid leave and holiday package
• Tuition and training reimbursement
• Life and AD&D Insurance