Rapid Strategy · 5 months ago
Cybersecurity Program Manager – Controls Testing
Midlothian, VA
Full-time
Onsite
Senior Level, Lead/Staff
10+ years expRapid Strategy is seeking a Cybersecurity Program Manager to oversee and coordinate the execution of a cybersecurity program focused on controls testing and penetration testing for a government client. This role involves managing compliance with federal cybersecurity standards, leading penetration testing activities, and providing strategic guidance on risk mitigation.
AdviceCloud SecurityCyber SecuritySecurity
No H1B
U.S. Citizen Only
Responsibilities
Lead and manage a cybersecurity program that encompasses controls testing and penetration testing to evaluate the client’s security posture comprehensively
Ensure compliance with NIST 800-53 v5, NIST 800-37, and FISMA requirements throughout the program lifecycle
Oversee the Risk Management Framework (RMF) process and Security Assessment and Authorization (SA&A), ensuring timely and accurate documentation
Supervise and support penetration testing activities, including scoping, execution, and reporting, to uncover vulnerabilities in applications, networks, and systems
Develop and maintain the program schedule, ensuring tasks are completed on time and deliverables meet quality standards
Act as the primary point of contact for the client, providing regular updates, addressing concerns, and managing expectations
Oversee the creation and delivery of key artifacts such as System Security Plans (SSPs), Security Assessment Reports (SARs), penetration testing reports, and Plan of Action and Milestones (POA&Ms)
Provide strategic guidance on risk mitigation, remediation planning, and improving the client’s cybersecurity posture
Monitor program performance, track milestones, and deliver comprehensive progress reports to stakeholders
Stay current on regulatory changes, cybersecurity standards, and emerging threats to ensure the program remains effective and up to date
Qualification
Required
MUST BE A U.S. CITIZEN
10+ years of experience in program or project management within the cybersecurity field, particularly in federal government environments
Proven ability to manage both controls testing and penetration testing programs, ensuring alignment with NIST and federal requirements
Extensive knowledge of NIST 800-53 v5, NIST 800-37, and FISMA requirements
Demonstrated experience in managing the Risk Management Framework (RMF) process and Security Assessment and Authorization (SA&A) lifecycle
Strong understanding of penetration testing methodologies and tools, including PTES, NIST 800-115, and automated/manual testing techniques
Ability to manage large-scale cybersecurity programs, including resource allocation, risk management, and stakeholder engagement
Exceptional organizational and leadership skills with the ability to manage multiple priorities and meet tight deadlines
Strong verbal and written communication skills, including experience briefing senior executives and government stakeholders
Bachelor's degree in Cybersecurity, Information Technology, Business Administration, or a related field
Preferred
Certifications such as PMP, CISSP, CISM, OSCP, or CEH
Experience managing cybersecurity programs for federal clients, particularly within defense, financial, or regulatory environments
Familiarity with privacy regulations and their integration with security controls and penetration testing programs
Company
Rapid Strategy
Rapid Strategy specializes in cybersecurity services, focusing on risk mitigation and rapid solution delivery.
11-50 employees
Funding
Current Stage
Early StageLeadership Team
Ron Meeting
Chief Executive Officer
Jesse Rhee
Chief Operating Officer
Company data provided by crunchbase