Key skills
ServiceNowJiraAgileScrumLeadershipRisk ManagementCloud Security
About this role
ASSYST is seeking a Senior Project Manager with demonstrated experience managing Information Security programs within the Federal Government. The Project Manager will lead and coordinate cybersecurity assessment initiatives to strengthen and standardize security maturity, overseeing the execution of NIST Cybersecurity Framework based assessments and driving actionable outcomes to enhance risk management.
Responsibilities:
- Lead the full RMF lifecycle to achieve and maintain ATO for federal systems
- Monitor, track, and report on overall contract performance, including progress against schedule, deliverable status, risks, and issues
- Ensure contractor adherence to this solicitation and subsequent work orders, quality standards, coordination procedures, and data handling protocols
- Serve as the central project lead, ensuring alignment to establish a standardized and objective cybersecurity maturity baseline
- Develop and maintain project tracking mechanisms to enable leadership to monitor cybersecurity maturity progress, measure the impact of security investments, and support informed decision-making
- Annual Federal Information Security Modernization Act (FISMA) reporting and audits, ensuring all managerial and technical security controls meet federal standards
- Evaluate procurement functions to ensure third-party software and cloud service providers meet federal security accountability requirements
- Facilitate Agile or Scrum ceremonies (sprints, stand-ups) to deliver cybersecurity capabilities on time and within budget, utilizing tools like Jira or ServiceNow
Requirements:
- 8+ years of experience in federal cybersecurity or information assurance, including leading the RMF lifecycle in alignment with NIST to achieve and maintain ATO for federal systems
- Experience supporting FISMA compliance activities, including annual reporting, security audits, and documentation reviews
- Hands-on experience managing vulnerability assessments and remediation programs, using tools such as Tenable Nessus, with responsibility for tracking findings and mitigation through POA&M processes
- Experience overseeing third-party software and cloud security compliance, including alignment with FedRAMP requirements, and managing cybersecurity initiatives using Agile methodologies with tools like Jira
- Proven ability to manage cybersecurity program performance, including tracking deliverables, risks, and security maturity metrics, while providing leadership with actionable reporting to support informed decision-making
- PMP, CISSP, CISM Certifications preferred