IT Security Program Manager

Castro & Company, San Juan, PR
4d

About The Position

We are seeking a highly motivated and detail-oriented IT Security Program Manager to lead the organization’s compliance and cybersecurity initiatives, ensuring alignment with CMMC and NIST standards. This role requires a strategic leader with hands-on capability to drive compliance programs, manage remediation efforts, and collaborate across diverse business units. The IT Security Program Manager will play a critical role in maintaining and enhancing our cybersecurity posture, ensuring that all processes, systems, and personnel meet the rigorous security program requirements.

Requirements

  • Minimum 7 years leading compliance programs in IT security.
  • Proven ability to manage complex projects with exceptional organizational skills.
  • Demonstrated experience performing tasks across the compliance program.
  • Extensive experience collaborating with diverse business units and securing executive buy-in.
  • Demonstrated success in achieving compliance program strategy for an organization.
  • Extensive experience evaluating IT controls against NIST 800-53 and/or NIST 800-171 frameworks.
  • Must be able to pass a basic government suitability check (US Citizenship required).

Nice To Haves

  • CISSP and/or CISA certifications (or related certification)
  • Experience with IT operations and administration in Windows environments.
  • Experience with Microsoft GCC-High environments.
  • Proficiency in GRC platforms for compliance management.
  • Experience leading, tracking, and reporting on remediation efforts.
  • Familiarity with DFARS and ITAR regulations and how they apply to CUI handling.
  • Experience developing and overseeing CUI programs to ensure compliance with federal regulations.
  • Knowledge of NIST Risk Management Framework (RMF), DCSA Assessment and Authorization Process Manual (DAAPM), National Industrial Security Program Operating Manual (NISPOM), and NISP Enterprise Mission Assurance Support Service (eMASS).

Responsibilities

  • Develop, implement, and oversee the organization’s IT security compliance program.
  • Lead and execute efforts to achieve and maintain compliance with NIST 800-53 and NIST 800-171 standards.
  • Hands-on execution for CMMC readiness activities, including policy updates, control assessments, and remediation efforts.
  • Collaborate and engage actively with cross-functional teams to secure buy-in and ensure program success.
  • Own and deliver project timelines, deliverables, and reporting for compliance initiatives.
  • Utilize GRC platforms for control tracking, risk management, and reporting.
  • Conduct IT control assessments and ensure audit readiness.
  • Support IT operations in a Windows environment and GCC-High configuration.
  • Provide training and guidance to employees on security program requirements and best practices.
  • Work with external auditors to facilitate assessments and certifications.

Benefits

  • This role offers the opportunity to lead and shape the cybersecurity and compliance foundation of a federal-focused firm.
  • You will work alongside experienced professionals, influence enterprise-wide security strategy, and play a key role in supporting the firm’s mission-critical work with government clients.
  • Castro Puerto Rico is an Equal Opportunity Employer and considers all qualified applicants without regard to color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability, and any other classification protected by law.