SMSI provides expert management consulting, program and project management, and technical consulting services to government and private sector clients. A small business founded in 2008, SMSI has built an outstanding reputation for client-focused performance and for delivering results that enable clients to meet commitments and milestones.
EOE/AA - M/F/Vet/Disability/Drug-Free Workplace
Job Summary
SMSI LLC is seeking an experienced Program Manager to develop and manage a portfolio of Cyber Security projects. The successful applicant will be a proactive problem solver with exceptional communication skills and attention to detail. The position will report to the Chief Information Officer and require interaction with all levels within, and external to, the organization, including: client sponsors, senior managers, functional subject matter experts (SMEs), Information Technology (IT) staff, subcontractors, and external vendors. This position requires knowledge and application of industry best practices and ability to provide technical leadership for information Security Programs.
Location
The position will operate in a location based on the client need. Primarily position will be remote, but may require travel to client site(s) and/or work in SMSI office(s).
Responsibilities
The Cyber Security Program Manager will perform a variety of assessments and evaluations in support of SMSI and client organizations. Responsibilities will include, but are not limited to the following:
- Conduct NIST and/or CMMC assessments and gap analysis on IT systems.
- Present applicable compliance requirements and gap assessments to CIO and/or client sponsor.
- Evaluate and recommend effective approaches to protect systems, networks, software, data, and information systems against potential attacks.
- Provide technical assistance in developing, coordinating, and processing risk assessments. This may include creating, inspecting, reviewing policies and procedures, identifying shortfalls, making recommendations, and writing assessment reports.
- Review IT system related initiatives for security sufficiency and identify issues to the CIO and/or client sponsor.
- Implement vulnerability testing, threat analyses, and security checks.
- Provide professional guidance to security teams.
- Write, analyze, and design system policies and procedures for enterprise systems.
- Write, analyze, and capture network traffic over enterprise networks.
- Research new threats, attacks, and vulnerabilities that may affect IT infrastructure, and ways to identify and protect against them.
- Investigate potential cyber-attacks and intrusion attempts.
- Provide risk consultation to requests for assessment services, evaluations, etc.
- Prepare and present presentations, reports, and dashboards, providing recommendations and findings on matters relating to projects.
- Assist with proposal development.
- Perform other duties, as assigned.
Requirements
- 10+ years of relevant professional experience with understanding of IT hardware, software, databases, user interfaces, role/access management, and information security.
- Knowledge of Risk Management Framework requirements and process.
- Knowledge of the DOE/NNSA cyber work environments, exposure to levels of leadership, customer, NNSA sites.
- Knowledge of current and emerging threats/threat vectors.
- Knowledge of business continuity, disaster recovery, and continuity of operations.
- Knowledge of system life cycle management principles, including software security and usability.
- Knowledge of DOE/NNSA mission and Cyber Security Program requirements.
- Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the Comp TIA Advanced Security Practitioner (CASP) certification.
- Ability to obtain and maintain a DOE Q Clearance.
Education
- Bachelor’s degree preferably in computer science, engineering, information systems, or related discipline.
Work Environment
- This job operates in a combination of remote working and professional office environment.
All candidates must possess
- US Citizenship.
- Ability to pass a pre-employment background check and drug screen.
- Excellent written and verbal communication skills.
- Excellent organizational skills.
- Capability with MS Office Suite.
- Excellent interpersonal skills and ability to interface with clients, contractors, and consultants on a day-to-day basis.