Key skills
Project Management certificationDoD Approved Baseline Certification5+ years leadership experienceSTIG compliance experienceTechnical writing skillsFacilitation skillsTS with SCI eligibilityExperience supporting DoD programsBSBA in ITDoD-Approved CSSP Analyst CertificationsRisk Management Professional certificationCIAMLeadershipProject ManagementRisk Management
About this role
BMA is an employee-owned small business seeking a Task Order Project Manager to support the DLA Cybersecurity Web/App Vulnerability Management Support Services contract. The role involves providing leadership, planning, and management oversight for the execution of contract requirements to improve the cybersecurity posture of DLA web applications and information systems.
Responsibilities:
- Provide overall leadership and management of a large, complex cybersecurity task order supporting enterprise vulnerability management operations
- Serve as the primary liaison to Government leadership, including the KO, COR, and DLA J6 program management staff
- Assist the Program Manager (PM) in coordinating contract activities with government stakeholders, including cybersecurity leadership, program offices, and system owners
- Ensure contract deliverables, schedules, and technical requirements are executed in accordance with performance objectives
- Develop and maintain the Task Order Management Plan outlining the technical approach, organizational resources, and management controls required to execute the Performance Work Statement (PWS)
- Provide planning, direction, coordination, and control necessary to accomplish all contract tasks
- Manage the execution of project phases
- Verify and validate level of effort and deliverables across all assigned tasks
- Oversee activities supporting the Cybersecurity Web/Application Vulnerability Management branch responsible for identifying, analyzing, and mitigating vulnerabilities across DLA IT, Cloud, and OT environments
- Ensure teams perform cybersecurity engineering assessments, security test and evaluation activities, and risk analysis in accordance with federal and DoD cybersecurity policies
- Ensure compliance with applicable cybersecurity standards and frameworks including RMF, NIST security controls, and DLA cybersecurity guidance
- Provide oversight of vulnerability assessment activities and cybersecurity engineering recommendations supporting enterprise risk reduction
- Oversee preparation and submission of required contract reports
- Monitor project performance, identify risks, and implement corrective actions when necessary
- Conduct Integrated Project Reviews (IPRs) with stakeholders to review project status, technical progress, and operational challenges
- Lead and supervise a multidisciplinary cybersecurity workforce supporting vulnerability assessment and cybersecurity engineering activities
- Maintain appropriate staffing levels and skillsets required to meet contract requirements
- Coordinate recruitment, onboarding, and training of personnel as necessary to sustain contract performance
- Ensure personnel maintain required cybersecurity certifications and security clearances
- Implement program management controls to ensure the quality and timeliness of all deliverables
- Establish quality control processes to monitor technical performance and compliance with contract requirements
Requirements:
- Project Management certification required, such as Project Management Professional (PMP) or equivalent recognized project management certification
- DoD Approved Baseline Certification (DoD 8570/8140) Information Assurance Management (IAM) Level III such as ISACA Certified Information Security Manager (CISM), ISC2 Certified Information Systems Security Professional (CISSP), EC-Council Certified Chief Information Security Officer (C-CISO), or GIAC or SANS GIAC Security Leadership Certification (GSLC)
- 10+ years of relevant professional experience in information technology, cybersecurity, or consulting environments
- 5+ years of leadership experience managing complex programs or projects within the public or private sector
- Demonstrated experience managing large, complex government task orders or programs involving enterprise IT or cybersecurity services, including supervising 10 or more employees
- Experience with STIG compliance cycles, vulnerability management, and POA&M governance
- Strong technical writing skills producing RMF artifacts, policy and procedure documents, and audit-ready evidence packages
- Strong facilitation skills for Integrated Product Teams (IPTs), Working Group (WG) sessions, and cross-functional coordination
- There is a Secret Security clearance requirement for this position
- TS with SCI eligibility
- Experience supporting DoD or DLA program offices
- Experience supporting DoD or DLA environments
- BS or BA in Information Technology, Cybersecurity, Computer Science, Engineering, Business Administration, or a related field
- One or more of the following DoD-Approved CSSP Analyst Certifications: EC-Council Certified Ethical Hacker, EC-Council CSA Certified SOC Analyst, CompTIA Cybersecurity Analyst (CySA+), GIAC or SANS GCIA GIAC Certified Intrusion Analyst, or GIAC or SANS GCIH GIAC Certified Incident Handler
- Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society Certified Risk Management Professional (RIMS-CRMP)