Description of Task to be Performed:
AnaVation is seeking a senior-level Cybersecurity Program Manager (GRC) with an active Top Secret clearance. The ideal candidate will have Federal Program Management experience with teams of at least 20 cybersecurity personnel plus hands-on experience leading IT Security Audits and SA&A activities. This is a full-time position located onsite with our customer in Washington DC.
What you will be doing
- Fully accountable for planning, organizing, and executing all aspects of program scope, schedule, cost, technical, and staffing performance and activities on complex cybersecurity contracts to ensure exceptional service delivery
- Manage subcontractors to ensure their strict adherence to AnaVation and client standards of quality and performance; provide a “one team” view to the client
- Ensure timely, complete, high-quality contract deliverables; ensure SLOs are met or exceeded 100% of the time
- Interface with client’s senior management personnel, including briefings up to CIO/CISO level
- Lead IT Security Audits including FISMA, FISCAM, IRS, and OIG
- Leverages industry knowledge, best practices, lessons learned and stakeholder feedback to develop, implement and continuously improve GRC services
- Optimize processes to maximize efficiencies within the team and program, including GRC automation and functional integration across task areas and teams
- Be a positive change agent, both within and outside the organization; propagate our corporate culture throughout the program
- Lead risk management activities, including identification and recommended mitigations; track and manage risks and issues through closure
- Build, grow, and develop high-performing teams aligned with the client’s mission and strategy
- Manage program personnel to include interviewing, hiring, performance evaluations, compensation, and training and development
- Guide and mentor subordinate managers, team leads, and staff
- Work closely with the client to function as the single point of contact and accountability, ensuring that all technical work, communications, and decision-making remain aligned, timely, and defensible
- Serve as Quality Control Manager ensuring all deliverables and assigned tasks meet QASP requirements
- Must have the ability to work in a dynamic environment and adapt to changing conditions
- Must possess a high degree of originality, creativity, and initiative requiring minimal supervision
Required Qualifications:
- Active PMP, CISSP, and CISM certifications
- Bachelor’s Degree in IT, Cybersecurity, Business, or related
- 15+ years managing GRC-centric cybersecurity programs with at least 25 people
- 5+ years leading IT security audits including FISMA, FISCAM, IRS, OIG, etc
- 1+ years leading FISMA metrics reporting
- 1+ years leading cybersecurity shared services (e.g., SOC-aaS, GRC-aaS)
- Active Top Secret clearance
- Experience with IT Security Assessment & Authorization (SA&A) processes and documentation sufficient to mentor and advise team members
- Experience with GRC tools such as vulnerability management, vulnerability scanning, endpoint management, data protection, SIEM, and GRC automation platforms
- Expert-level command of the English language (oral and written), with experience interacting effectively at the CIO and CISO levels of large organizations
- Expert-level organizational skills and ability to keep a multitude of tasks and projects on track at all times and with minimal supervision
- This position is currently performed remotely but the work location is subject to change at the customer’s sole discretion. Candidates must be located in the DC-metro area and be willing to adapt to a hybrid or on site work location in Washington DC if required.
Minimum Qualifications (Education/Certifications, Experience, etc):
Clearance:
Other Required Skills & Qualifications:
Preferred Qualifications:
- Prior experience as an ISSO/ISSM/ISSE or SCA
- Generous cost sharing for medical insurance for the employee and dependents
- 100% company paid dental insurance for employees and dependents
- 100% company paid long-term and short-term disability insurance
- 100% company paid vision insurance for employees and dependents
- 401k plan with generous match and 100% immediate vesting
- Competitive Pay
- Generous paid leave and holiday package
- Tuition and training reimbursement
- Life and AD&D Insurance
Skills Required
- Active PMP certification
- Active CISSP certification
- Active CISM certification
- Bachelor's Degree in IT, Cybersecurity, Business, or related
- 15+ years managing GRC-centric cybersecurity programs with at least 25 people
- 5+ years leading IT security audits
- 1+ years leading FISMA metrics reporting
- 1+ years leading cybersecurity shared services
What We Do
AnaVation is a trusted partner that delivers high-value, cost-effective solutions to solve our customers’ most complex technical and analytical problems. AnaVation believes that the future of securing, collecting, processing, and analyzing cyber data will require the development of advanced ANAlytical technologies derived via the innoVATION of current and future technologies. AnaVation believes in the “Idea of the Possible” — that it is possible for our experts, partnering with our customers in the right environment, to create innovative technical solutions that expand our customers’ capabilities. We want to do two things for our customers. We want to resolve existing challenges and we want to prepare them for the future. Our technical expertise and innovative engineering culture enable us to do those things.
.png){kind=logo}
