
SR PROGRAM MANAGER in Arlington

Energy Jobline is the largest and fastest growing global Energy Job Board and Energy Hub. We have an audience reach of over 7 million energy professionals, 400,000+ monthly advertised global energy and engineering jobs, and work with the leading energy companies worldwide.

We focus on the Oil & Gas, Renewables, Engineering, Power, and Nuclear markets as well as emerging technologies in EV, Battery, and Fusion. We are committed to ensuring that we offer the most exciting career opportunities from around the world for our jobseekers.

Job Description

SR PROGRAM MANAGER

MILITARY FRIENDLY & - HOH SPONSOR


Zermount, Inc., is seeking a highly experienced Senior (SR) Program Manager (PgM) to lead the delivery of a strategic TSA cybersecurity contract focused on Governance, Risk, and Compliance (GRC) and Zero Trust (ZT) implementation. This client-facing role will serve as the primary interface with client leadership, ensuring that all program objectives, contract deliverables, and cybersecurity milestones are met on time and within budget.

The SR PgM will provide strategic oversight, manage cross-functional teams, and ensure compliance with federal cybersecurity mandates including Executive Order 14028, OMB M-22-09, FISMA, and NIST frameworks. This role requires experience managing large-scale federal programs, driving GRC and Cybersecurity transformation, Zero Trust implementation, and navigating complex regulatory environments.

DUTIES & RESPONSIBILITIES

Program and Contract Oversight

  • Serve as the primary point of contact for client leadership, stakeholders, COR and the Zermount Executive Team.

  • Lead the execution of all contract requirements, ensuring alignment with the client's mission, objectives, and performance metrics.

  • Oversee program delivery across multiple workstreams (e.g., GRC, Zero Trust, CIO FISMA Metrics, Compliance Reporting, etc.).

  • Manage all contract deliverables, SLA performance, and ensure timely submission of required documentation.

  • Monitor program financials, staffing, and resource allocation in accordance with Earned Value Management (EVM) principles.

  • Provide overall management, control, planning, and scheduling of the activities and services required under the Task Order.

  • Develop and maintain a Master Project Plan and Schedule delineating all TO activities.

  • Develop, document, implement and maintain the program administrative processes, procedures, and tools needed to meet Task Order requirements.

  • Provide reports, plans, and briefings to client leadership that give progress updates against plan, including Program Management Review (PMR) presentations, staffing update briefings, and dashboards for tracking deliverables and schedule.

  • Develop, implement and maintain project schedules for each task area and an IMS for the program.
  • Provide strategic guidance and insights necessary for directing the GRC and ZT Program.

  • Engage appropriate stakeholders as needed to meet the Program objectives and to satisfy the requirements of the Task Order.

  • Consolidate and provide recommendations for refining and/or improving existing RMF processes and procedures from the different perspectives across the contractor team and support implementation of these changes.

  • Oversee and assist contractor team in completion of critical Cybersecurity, GRC and ZT activities.

Cybersecurity Strategy and Execution

  • Oversee enterprise-wide implementation of Zero Trust Architecture aligned with CISA's maturity model.
  • Ensure adoption of NIST standards, including NIST SP 800-53, NIST SP 800-37 (RMF), and 800-207 (ZTA).
  • Guide the development and execution of enterprise risk assessments, POA&Ms, compliance audits, and continuous monitoring activities.

Team Leadership and Stakeholder Engagement

  • Lead multidisciplinary teams including cybersecurity specialists, security and risk assessors, engineers, compliance experts, SMEs, technical evaluators, communication specialists, analysts, policy and process re-engineers, and training specialists.
  • Coordinate closely with the Executive Team, client leadership, stakeholders, and internal team to ensure quality and timeliness of deliverables.
  • Conduct regular program reviews, executive briefings, and risk management sessions with client leadership.
  • Ensure effective change management and communication planning.

Governance, Risk, and Compliance

  • Manage and oversee all RMF activities and processes leveraging the integrated GRC system of record.
  • Ensure compliance with FISMA, DHS Binding Operational Directives (BODs), and OMB reporting requirements.
  • Manage the A&A lifecycle and ensure all systems maintain Authorization to Operate (ATO).
  • Lead efforts to transform the enterprise GRC services to meet the requirements of future-proof GRC services.

Zero Trust

  • Maintain and update the ZT implementation strategy and roadmap to meet federal requirements.

  • Provide expertise and technical guidance to information system stakeholders on the implementation of ZT requirements and participate in design reviews upon request.

  • Manage risk across the ZT program as the landscape evolves, and integrate ZT into the existing client and DHS Cybersecurity Risk Management framework and CISA's ZT maturity model with the goal of the solution reaching the optimal state of maturity.

  • Streamline and automate enterprise-level performance reporting for all components within ZT, aligned with existing and planned reporting and analytics structures and tools, such as the Continuous Diagnostics and Mitigation (CDM) dashboards, FISMA reporting, and Information Security Continuous Monitoring (ISCM) dashboards.

  • Manage, update, and maintain all ZT program governance documents including but not limited to the ZT roadmap, which articulates the program's vision, scope, and direction.
  • Map ZT capabilities, existing capabilities within the department, new capabilities the team recommends, and any future memoranda, executive orders, and standards.

Proposal and Growth Support

  • Contribute to contract growth through identification of new opportunities, scope expansion, and proposal support.
  • Support development of white papers and capability briefs in coordination with the business development team.
  • Collaborate with the Executive Team to conduct capture activities and future-proof solutions.

Quality Assurance and Reporting

  • Develop and implement quality assurance processes to ensure all deliverables meet program standards, client expectations, and regulatory requirements.
  • Conduct regular quality audits and reviews, identifying areas for improvement and ensuring continuous process enhancement.
  • Prepare and present detailed status reports on program progress, performance metrics, risks, and milestones, ensuring stakeholders are informed and aligned with program goals.
  • Monitor program performance against established metrics, addressing any deviations with corrective actions and providing transparent reporting on risk management efforts.

Policy and Training Development

  • Create and maintain comprehensive policy and training documentation to ensure alignment with organizational standards, regulatory compliance, and continuous staff development across program activities.

Minimum Requirements

  • A minimum of 15 years of IT cybersecurity management experience including 3 years of direct support for the US Government OR a relevant Master's Degree in IT, computer science, business or engineering and 10+ years of IT cybersecurity management experience including 3 years of direct support for the US Government.
  • Demonstrated experience managing complex cybersecurity programs, particularly in GRC and Zero Trust.
  • Familiarity with DHS or other homeland security environments.
  • Working knowledge of NIST RMF, NIST SP 800-207 (ZTA), and FISMA compliance requirements.
  • Proficiency with GRC platforms and program management tools (e.g., MS Project, Archer, ServiceNow).
  • Experience working on TSA, DHS, or other federal cybersecurity transformation programs.
  • Knowledge of federal acquisition regulations (FAR), and various contract structures and types.
  • Experience in leading geographically dispersed and matrixed teams.
  • Familiarity with ITIL, Agile, and DevSecOps methodologies.
  • Proven experience in managing and directing subordinate management teams or experienced specialists, with responsibility for achieving short- and long-term strategic objectives.
  • Demonstrated leadership skills with a strong ability to contribute to the development of operational strategies and implement tactical plans that directly impact functional results.
  • Experience managing complex projects or programs across multiple functions, collaborating with diverse external parties, and ensuring effective communication of project direction and goals.
  • Extensive experience with developing, leading, and managing cross-unit project or program teams to drive organizational success in cybersecurity operations.
  • Proven ability to manage complex, multi-task order environments across cross-functional teams.
  • Demonstrated experience with project lifecycle management: initiating, planning, executing, monitoring, and closing.
  • Proficiency with reporting tools, data analytics, and performance metric tracking.
  • Strong communication and collaboration skills, especially with federal leads and bureau stakeholders.

Certifications

  • At least one of the following security certifications: Certified GRC Professional (CGRC), Certified Information Systems Security Officer (CISSO), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP).
  • At least one of the following project management certifications is desirable: Project Management Professional (PMP), Defense Acquisition Workforce Improvement Act (DAWIA) P/PM certification Level III, or FAC-P/PM certification Level II.

Clearance Level

  • Minimum of an active Secret Clearance required.

Work Location

  • Primary location is Zermount HQ (Arlington, VA) and Client HQ (Springfield, VA). Remote work is authorized. Occasional onsite work at the primary site may be required.
  • Core Hours: 8:00 am ET - 4:30 pm ET.

If you are interested in applying for this job please press the Apply Button and follow the application process. Energy Jobline wishes you the very best of luck in your next career move.

Arlington, VA
Full time

Published on 12/08/2025
