Job Seekers, Please send resumes to resumes@hireitpeople.com

 

Short Description:

The Senior Program Manager is responsible for managing, coordinating, and establishing priorities for the complete life-cycle of projects including the planning, design, programming, testing, and implementation of business solutions.

 

Complete Description:

This position requires a strong Technical  Project Manager with a strong IT SECURITY and IT AUDIT/COMPLIANCE background.  The ideal candidate will possess GRC (Governance, risk management, and compliance) experience and know how to manage and perform security audits.  Security controls experience is also important in this role.

 

EISO Cyber Security Project and Compliance Manager

The Cyber Security Project and Compliance Manager reports to the Enterprise Information Security Office (EISO) - Enterprise Risk Manager and is primarily responsible for administering and supporting multiple cyber security projects.  This position will also assist with the EISO’s Governance, Risk, and Compliance initiatives.  The ideal candidate will have both project and compliance management experience. 

 

 

Duties include:

Project Management:

•           Work with EISO staff and Commonwealth IT employees and managers to develop project: business cases; charters; scope of work documents; and project plans that include, cost, work schedule, and identifies any related risks. 

•           Work with EISO staff and Commonwealth IT employees to identify the roles of project team members, project reporting structures and frequency of interaction and any training requirements that may be needed for a team member to complete a cyber-security project.

•           Define the responsibilities of parties involved in the project including customers, management, IT management, project team, vendors and others affected by the cyber security project.

•           Monitor cyber security projects on an ongoing basis by evaluating: progress; quality of tasks and deliverables; managing issue resolution; and managing risk mitigation as necessary.

•           Identify, track, monitor and communicate cyber security project-related issues, scope changes, variances and contingencies that may arise during the implementation of cyber security projects.

•           Maintain effective communication and working relationships with customers and project team members.

•           Lead post-implementation review of project lessons’ learned.

•           Prepare and present oral and/or written technical reports and project presentations.

•           Create and communicate project plans/roadmaps and approach to gain sign-off from business and IT leadership and report project status to various stakeholders as needed.

•           Complete executive level management reports.

•           Effectively communicate with EISO staff, IT Managers, and security vendors on a daily basis.

•           Communicate policy or protocol changes as required.

•           Develop policy, procedures, guidelines, and forms.

•           Act as an IT security business analyst on projects when needed.  This includes interviewing business subject matter experts, writing high level and detailed business requirements, etc.

 

 

Compliance Management:

•           Identify risks in regulatory compliance through collaboration with Commonwealth agencies.

•           Work collaboratively with EISO staff, Commonwealth IT employees and managers to ensure that appropriate control standards and procedures are developed and executed to drive regulatory compliance

•           Develop monitoring frameworks and programs to support EISO’s efforts to drive compliance with regulations.

•           Support execution of monitoring programs to review for compliance with regulations.

•           Use monitoring dashboards to report on reg

More than 10 years Experience

 

4 year college degree in computer science or a related field; certifications specific to the field of project management.

All roles specified in PM3 plus the following:

 

•Manages, coordinates, and establishes priorities for complete life-cycle of projects including the planning, design, programming, testing, and implementation of business solutions designed to meet requirements of various departments in the company, such as distribution, finance, and manufacturing.

 

•Designs project plans, which identify needs and define major tasks and milestones, based on scope, resources, budget, and personnel.

 

•Requires proven success communicating verbally and in writing to multiple project stakeholders internal and external to the organization.

 

•Determines project needs and acquires resources required for the success of the project.

 

•Coordinates the development of new systems and/or applications projects, the modification of existing systems or applications, or changes in current methods or techniques.

 

•Coordinates project performance with the other work of the affected department or departments.

 

•Excludes those who do not have full time responsibilities for project management.

 

 

EISO Cyber Security Project and Compliance Manager

The Cyber Security Project and Compliance Manager reports to the Enterprise Information Security Office (EISO) - Enterprise Risk Manger and is primarily responsible for administering and supporting multiple cyber security projects.  This position will also assist with the EISO’s Governance, Risk, and Compliance inititives.  The ideal candidate will have both project and compliance management experience.  Duties include:

Project Management

•                Work with EISO staff and Commonwealth IT employees and managers to develop project: business cases; charters; scope of work documents; and project plans that include, cost, work schedule, and identifies any related risks. 

•                Work with EISO staff and Commonwealth IT employees to identify the roles of project team members, project reporting structures and frequency of interaction and any training requirements that may be needed for a team member to complete a cyber security project.

•                Define the responsibilities of parties involved in the project including customers, management, IT management, project team, vendors and others affected by the cyber security project.

•                Monitor cyber security projects on an ongoing basis by evaluating: progress; quality of tasks and deliverables; managing issue resolution; and managing risk mitigation as necessary.

•                Identify, track, monitor and communicate cyber security project-related issues, scope changes, variances and contingencies that may arise during the implementation of cyber security projects.

•                Maintain effective communication and working relationships with customers and project team members.

•                Lead post-implementation review of project lessons’ learned.

•                Prepare and present oral and/or written technical reports and project presentations.

•                Create and communicate project plans/roadmaps and approach to gain sign-off from business and IT leadership and report project status to various stakeholders as needed.

•                Complete executive level management reports.

•                Effectively communicate with EISO staff, IT Managers, and security vendors on a daily basis.

•                Communicate policy or protocol changes as required.

•                Develop policy, procedures, guidelines, and forms.

•                Act as an IT security business analyst on projects when needed.  This includes interviewing business subject matter experts, writing high level and detailed business requirements, etc.

Compliance Management

•                Identify risks in regulatory compliance through collaboration with Commonwealth agencies.

•                Work collaboratively with EISO staff, Commonwealth IT employees and managers to ensure that appropriate control standards and procedures are developed and executed to drive regulatory compliance

•                Develop monitoring frameworks and programs to support EISO’s efforts to drive compliance with regulations.

•                Support execution of monitoring programs to review for compliance with regulations.

•                Use monitoring dashboards to report on regulatory compliance execution, trends and themes in daily execution of compliance processes and controls.

•                Support agencies through on-going testing and reporting for regulatory compliance

•                Support agencies with regulatory compliance risk assessments to determine risk profile, controls and enhancements to be made.

•                Support agencies with regulatory changes, supporting the development and execution of change management protocols to stay current on the regulatory landscape, upcoming changes and the impact to the organization's services, processes, procedures and controls.

•                Leverage knowledge and experience to deliver end-to-end automated solutions which includes governing policies, controls, ITSM, and/or IT Infrastructure Library (ITIL) processes.

•                Consider dependencies, relationships, and integration points to ensure proper solution integration with other systems when applicable.

•                Work with agencies to assess current state processes and tools.

•                Assist customers with proof-of-concept activities and with transforming and changing cultures.

Qualifications

•                BA/BS Degree in Information Technology, IT Security, Business, or Engineering or equivalent experience.

•                GIAC Certified Project Manager (GCPM), Certified Security Project Manager (CSPM), or Project Management Professional (PMP), or equivalent project management certifications are preferred but not required. 

•                Minimum 6+ years of experience as an IT Security Project Manager and IT Security Auditing and Compliance.

•                Solid project management skills with ability to multi-task and manage projects in a cross functional environment.

•                Superior problem solving, communication and negotiation skills including effective leadership, planning and motivational capabilities.  

•                Excellent verbal and written communication skills, as well as ability to present and explain technical information in a way that established rapport, persuades others, and gains understanding.

•                Ability to build and maintain relationships with EISO staff, IT Managers, IT Staff, and Agency Business Owners. 

•                Proficiency in project management tools and procedures; strong people management and conflict resolution sills.

•                Proficient with MS Project, MS-Excel, MS-Word, & MS-Power-Point suite.

 

Skills:

Skill

Required / Desired

Amount

of Experience

 

BA/BS Degree in Information Technology, IT Security, Business, or Engineering or equivalent experience.

Required

4

Years

IT Security Project Manager experience

Required

5

Years

IT Security Auditing and Compliance experience

Required

5

Years

Technical Experience

Required

5

Years

Proficiency in Project Management tools and procedures (i.e. MS Project, Service Now, ITIL)

Required

5

Years

Superior problem solving, communication and negotiation skills including effective leadership, planning and motivational capabilities.

Required

5

Years

GRC (Governance, risk management, and compliance) experience

Required

5

Years

Proficient with MS Project, MS-Excel, MS-Word, & MS-Power-Point suite.

Required

5

Years

Excellent verbal/written communication skills, & ability to explain technical information establish rapport, persuade others & gain understanding.

Required

5

Years

GIAC Certified PM (GCPM), Certified Security PM (CSPM), or Project Management Professional (PMP), or equivalent PM certifications

Highly desired

5

Years

Ability to build and maintain relationships with EISO staff, IT Managers, IT Staff, and Agency Business Owners.

Highly desired

5

Years