Zermount Inc has a requirement for an ISSO PM who will support our client by providing project management and Information Security expertise for our ISSO Team. The ISSO PM is expected to provide advisory services in securing enterprise information and systems by determining security requirements; planning, designing, implementing, and testing systems and security technologies; developing security standards, policies, and procedures; and mentoring team members.
The ISSO Program Manager serves as the senior cybersecurity lead responsible for managing all security compliance, RMF activities, and continuous monitoring for all systems within the client's enterprise while also providing full lifecycle program management support. This role integrates IT and Information Security subject matter expertise with project management responsibilities to ensure secure, compliant, and mission-aligned delivery for our federal client. The ISSO PM manages security operations, reporting, deliverables, stakeholder communication, resources, schedules, and technical oversight of cybersecurity governance, risk, and compliance (GRC) activities to meet agency and contract requirements.
DUTIES & RESPONSIBILITIES
Provide day-to-day management of the ISSO Team; develop project schedules, reports, and briefings in accordance with the contract requirements.
Provide primary accountability to ensure the task order receives the appropriate support and resources required to deliver quality results.
Provide strategic direction, vision, leadership, and management to the team(s) assigned to the task order.
Contribute to organizational direction through regular involvement with client leadership and team members.
Maintain productive and effective client relationships with the most senior levels of the client organization.
Manage numerous project schedules simultaneously.
Develop, maintain, and update project management plans, project schedules, and an Integrated Master Schedule (IMS).
Develop, maintain, and update Quality Assurance Surveillance Plans (QASP).
Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise or local policy; assess the level of risk; and develop and recommend appropriate mitigations.
Ensure the ISSO team meets contract requirements and client-established KPIs and performance metrics.
Provide risk analysis for vulnerabilities, incidents, and change requests, and advise on the impact of new or changing applicable federal policy.
Conduct research and present analyses to evaluate and/or determine emerging industry technology trends, government agency best practices, and security issues.
Determine security requirements by evaluating strategies / requirements; research IT security standards; conduct security and vulnerability analyses and risk assessments; review architecture/platform; identify integration issues; prepare cost estimates.
Provide expertise and guidance to OCIO on DevSecOps / secure development, operational systems, and enhancements in support of the client's mission.
Assist business owners, system owners, and system engineers with selecting and implementing controls that maintain a high level of security and protect patron privacy.
Monitor and ensure compliance with standards, policies, and procedures; support IR activities; develop and conduct training programs.
Prepare security reports by collecting, analyzing, and summarizing data and trends.
Enhance company and client's reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
Lead ISSOs for assigned systems in accordance with NIST RMF, FISMA, agency policy directives, Zero Trust, and cybersecurity requirements.
Ensure quality requirements are met for system security documentation development and maintenance, including SSPs, Security Assessment Packages (SAP), SARs, POA&Ms, and continuous monitoring artifacts.
Ensure all systems maintain ongoing authorization by implementing continuous monitoring, monthly artifact updates, vulnerability remediation, log review oversight, and risk tracking.
Collaborate with technical teams to ensure security requirements are incorporated into system design, enhancements, and operational changes.
Support audit readiness, respond to IG/OIG inquiries, and manage external assessment requests.
Provide expert guidance on NIST SP00-61, Zero Trust Architecture (800-207), and CISA Zero Trust Maturity Model.
Manage project risks, issues, dependencies, timelines, and reporting across the lifecycle.
Prepare and deliver weekly, monthly, and quarterly program status reports, dashboards, and executive briefings.
QUALIFICATIONS
Must have at least 7 years of experience managing IT Security programs for a minimum of 5000 users, 10000 assets, and numerous tools.
Must have at least 5 years of experience leading teams of minimally 10 direct reports, and developing, implementing, and managing project schedules.
Must have the ability to manage multiple projects, work under pressure and tight deadlines, work independently, and work in a team environment.
Must have the ability to effectively communicate both orally (in common English narration) and in writing (to include technical documentation).
Possess the ability to explain and break down technical details and solutions to executive management and non-technical parties - ability to explain the true business impact.
Good understanding of network protocols, design, and operations.
Strong analytical skills and efficient problem solving.
Experience writing security-related procedures and guidelines.
Experience with NIST Special Publications and guidance.
Excellent report development and presentation skills.
Strong problem solving and analysis skills; self-motivated and able to work and communicate in a team environment.
Proficient in Microsoft Office suite to include Project and other office automation products.
EDUCATION
Minimum of a Bachelor's degree in Computer Science, IT, Engineering, or similar fields. Years of experience will be taken into consideration in place of a degree.
Years of experience may be substituted in lieu of a degree.
CERTIFICATIONS
Must have a minimum of one (1) IT Security certification at the IAM III Level referenced in the Department of Defense Approved 8570 Baseline list.
Additional certifications preferred are:
PMI PMP; and ITIL
CLEARANCE
Public Trust
Must be a United States citizen.
WORK LOCATION and HOURS
Location: Primary location is Zermount HQ (Arlington, VA) and Washington, DC. Remote is authorized. Occasional travel to the primary location may be required.
Core Hours: 8:30 am ET - 5:30 pm ET
Required Experience:
Manager
ISSO PROGRAM MANAGER (PgM)
MILITARY FRIENDLY & PREFERRED - HOH SPONSOR