Cybersecurity Project Manager

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™

ASRC Federal is a seeking a Cybersecurity Project Manager supporting the Department of Energy. The Cybersecurity Project Manager will be responsible for managing the cybersecurity task, overseeing contracted personnel, and supporting the design and enhancement of the customer's cybersecurity program. The role involves managing governance, risk, and compliance activities, developing cybersecurity policies, conducting risk assessments, and providing technical support for IT systems at headquarters and field sites. The Project Manager will also perform security monitoring, support information assurance, and conduct penetration testing. The ideal candidate possesses extensive experience in cybersecurity, technical expertise , and the ability to lead major technology assignments. The candidate must have at least 10 years of relevant experience and a bachelor's degree in a related field.

Key Responsibilities:

Project Management:

• Provide project management for the cybersecurity task, including information systems continuous monitoring, penetration testing, an enterprise oversight network, and compliance.

• Manage, oversee, and supervise the activities of all contracted and/or subcontracted personnel assigned to the cybersecurity task serving on this contract.

• Support the design, implementation, maturity, and continual enhancement of the customer's cybersecurity program.

• Manage governance, risk, and compliance planning and reporting activities.

• Develop risk, compliance, and information system continuous monitoring strategies.

• Recommend, develop, and implement independent cybersecurity assessment processes for information systems.

• Oversee independent cybersecurity assessments.

• Develop cybersecurity implementation policies and guidelines.

• Establish and maintain stakeholder communication channels.

• Identify opportunities for new and improved business process solutions.

Cyber Operations - Headquarters Security System (HQSS):

• Support the customer in managing all aspects of its Cybersecurity program, including IT systems at headquarters and field sites, stand-alone and network National Security Systems (NSS), general support systems, industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, industrial monitoring systems, wireless systems, and networks.

Security Architecture:

• Support design and development activities, provide technical and cybersecurity guidance and feedback.

• Perform risk assessments of proposed changes to network software and hardware, as well as new technology .

• Provide guidance and technical expertise for the development and updating of System Security Plans (SSP) for ICS and general support systems.

• Update the MIPP Architecture, perform strategic planning, and document a Defense in Depth model.

• Provide recommendations on new cyber policies.

• Perform cybersecurity oversight, manage and track cybersecurity system documentation, and perform oversight and peer review of risk advisories, DHS Binding Operational Directives, and Emergency Directives.

• Draft technical white papers and provide documented suggestions and best practices for boundary network and application topologies.

Information System Security Officer (ISSO) Support:

• Perform the duties of an ISSO for all current and future boundaries that support the customer's work scope.

• Prepare and present cybersecurity briefings, develop, test, and review disaster recovery and Continuity of Operations Plans (COOPs), provide analysis of vulnerability, patch and configuration data, perform log review, establish and update ISSO SOPs, and formally register FISMA Systems.

• Draft, maintain , and update all FISMA artifacts and shepherd all Assessment and Authorization (A&A) documents through routing and signature processes.

Field Site Support:

• Provide technical support, detailed cyber analysis, and IT system cyber monitoring to customer Field Site IT systems using state-of-the-art monitoring technologies.

• Perform security monitoring, provide analysis of audit logs, IDS/IPS logs, firewall logs, and full packet capture data for malicious activity.

• Leverage SIEM workflow to review and clear events, maintain a master schedule of cybersecurity oversight assessments and site assistance visits, evaluate system controls, and document site assessment findings.

Information Assurance:

• Support Office of the Chief Information Officer (OCIO) and Office of Management and Budget (OMB)-required reporting, data calls, and other input.

• Develop cybersecurity reports, support the customer's Privacy Program, and provide support for ad-hoc data calls.

• Provide security support for image management activities for desktops and servers.

• Prepare quarterly and annual Federal Information Security Management Act (FISMA) reports.

• Develop and maintain Cybersecurity/Privacy Dashboards.

Penetration Testing/Purple Team:

• Conduct White Hat and Grey Hat penetration testing/Purple Teaming of customer site mission system IT systems, perform research on current threats, establish Rules of Engagement, maintain a master schedule, test systems for vulnerabilities, draft reports, and perform out briefings.

Qualifications:

• Possesses and applies expertise across key tasks and high-impact assignments.

• Plans and leads major technology assignments.

• Evaluates performance results and recommends major changes affecting short-term project growth and success.

• Functions as a technical expert across multiple project assignments.

• May supervise others.

• Must possess at least 10 years of relevant work experience and a bachelor's degree from an accredited university in a related field.

• A postgraduate degree from an accredited university may substitute for 6 years of experience.

• One year of relevant experience may be substituted for one year of required education.

Successful candidate is subject to a background investigation by the government and must be able to meet the requirements to hold a Q clearance.

We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.

EEO Statement

ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.