Cherokee Federal

Building. Solving. Serving.

Senior Cybersecurity and Privacy Program Manager

Security Engineer | Full Time | Remote | Team size 5,001-10,000 | Company founded 1969

Location

Washington

Posted

2 days ago

Salary

$180K - $190K / year

Bachelor's Degree, 10 yrs exp, English, Azure, Cloud, Cyber Security, Java, PMP, Python, SDLC, Splunk, SQL, VBA

Job Description

  • Lead NSF’s enterprise cybersecurity and privacy program; set objectives, coach for performance, ensure cross-training and continuity; maintain an adaptive posture with rigorous analysis and implementation.
  • Govern to NIST RMF (SP 800-37), FISMA, OMB guidance, NIST SP 800-series (including privacy controls), CISA BODs, and FedRAMP; own FISMA IG maturity targets and drive quarterly improvements with metrics-based reporting.
  • Develop and maintain cybersecurity and privacy policies, plans, procedures, standards, and operational guides; establish and manage a documentation and knowledge repository.
  • Drive risk-based management and security-focused configuration management across infrastructure and applications; maintain risk registers, executive dashboards, and remediation plans.
  • Privacy Program Management: Partner with the SAOP (Senior Agency Official for Privacy) to lead oversight; conduct privacy control assessments (NIST SP 800-53 Rev. 5 privacy, OMB memos); maintain a privacy risk register; embed privacy risk in enterprise reporting; deliver compliance reporting and corrective actions.
  • Assessment and Authorization/Continuous Monitoring: Lead A&A/Ongoing Authorization; plan and execute assessments aligned to NIST SP 800-53/53A, 800-171/172; manage evidence, weakness analysis, POA&Ms, and durable closure; mature Continuous Monitoring and DHS CDM integrations, dashboards, automated reporting, and alert fidelity.
  • SIEM (Security Information and Event Management) Monitoring and Audit Logging: Oversee Splunk operations; enforce audit logging standards, log source coverage (infrastructure, applications, cloud), retention/integrity, and compliance mapping; tune detections and dashboards.
  • Zero Trust and Modernization: Execute NSF’s Zero Trust plan across identity, devices, networks, applications/workloads, and data; implement comprehensive monitoring, risk-based access, and automation; conduct red/blue team testing; advance data-centric security, DLP, and protection of sensitive data/PII; plan for post-quantum cryptography transitions.
  • Identity and Account Management: Own enterprise IAM governance: joiner/mover/leaver automation, identity proofing, MFA and conditional access, ABAC (Attribute-Based Access Control)/RBAC (Role-Based Access Control) design, federation, and lifecycle monitoring metrics; enforce least privilege and just-in-time/just-enough access.
  • Privileged Access Management: Lead CyberArk operations for vaulting, credential rotation, session monitoring/recording, and access brokering; integrate with the IdP, ticketing, and automation to reduce risk and improve efficiency.
  • Application Security and DevSecOps: Establish secure SDLC standards, threat modeling, secure code reviews, SAST (Static Application Security Testing)/DAST (Dynamic Application Security Testing)/SCA (Software Composition Analysis) in CI/CD, and developer training; enforce configuration management; track AppSec KPIs (coverage, defect density, remediation time).
  • Cloud and External Services Reviews: Conduct security reviews, analysis, and continuous monitoring of cloud/external services; validate FedRAMP inheritance and compensating controls; enforce CSPM policies; perform vendor risk assessments; run quarterly posture reviews and remediation.
  • Operations, IR, and Forensics: Lead SOC operations and major incident response, including after-hours surge; drive root cause analysis, lessons learned, and corrective actions; direct IT forensics and eDiscovery with proper chain of custody and audit-ready evidence.
  • Continuity, Contingency, and Service Recovery: Direct BCP (Business Continuity Plan)/DR (Disaster Recovery) strategy with defined RTO (Recovery Time Objective)/RPO (Recovery Point Objective); run tabletop and failover exercises; manage dependency mapping, evidence capture, and corrective actions to meet restoration objectives.
  • Supply Chain Risk Management: Support ICT (Information and Communications Technology) SCRM (Supply Chain Risk Management) across development, acquisition, maintenance, and disposal; integrate NIST SP 800-161r1 practices; oversee ongoing monitoring and end-of-life disposal controls.
  • Infrastructure Asset Identification and Classification: Establish authoritative asset inventory and classification standards; integrate with the CMDB and DHS CDM for visibility, control coverage, and risk reporting.
  • Independent Reviews and SCIF Support: Coordinate internal and third-party independent security reviews; support SCIF-related security operations and processes as required.
  • Tool Refresh and Maturation: Plan refresh cycles and maturity targets for SIEM (Splunk), EDR/XDR, vulnerability scanning, IAM/IdP, PAM (CyberArk), DLP, CSPM/CWPP, configuration management tools, and cloud-native services; measure efficacy and ROI; deprecate low-value tools.
  • Cybersecurity and Privacy Training: Own awareness and role-based training programs; coordinate content, track completion, measure effectiveness (e.g., phishing resilience), and drive continuous improvement.
  • Reporting and Deliverables: Deliver monthly/quarterly reports covering FISMA IG maturity, POA&M status/closure, CDM dashboards, SIEM coverage and detection efficacy, incident metrics (MTTD/MTTR), audit response packages, training metrics, continuity/DR test results, and executive risk dashboards.
  • Perform other job-related duties as assigned.

Job Requirements

  • 10+ years of cybersecurity leadership; 5+ years leading federal or large enterprise programs with multi-vendor teams.
  • Demonstrated privacy program leadership in federal environments; partnership with SAOP; execution of PIAs (Privacy Impact Assessments)/SORNs (Systems of Records Notices) and privacy control assessments.
  • Deep experience with NIST RMF, FISMA, OMB guidance, NIST SP 800-series (including 53/53A and privacy controls), CISA BODs, FedRAMP, DHS CDM.
  • Proven A&A/Ongoing Authorization leadership; strong continuous monitoring, assessment planning/execution, evidence management, POA&M remediation.
  • SIEM/Splunk expertise: detections, dashboards, content tuning, data onboarding, audit/log monitoring, and threat analytics.
  • IAM governance: IdP/IAM platforms (Azure AD/Entra, Okta, Ping), conditional access/MFA, lifecycle automation, ABAC/RBAC policy design, identity proofing, federation.
  • PAM/CyberArk: architecture and operations for vaulting, credential rotation, session recording, least privilege, JIT/JEA access, and workflow integrations.
  • Application Security/DevSecOps: secure SDLC, threat modeling, secure code reviews, CI/CD integrations; tooling such as GitLab/GitHub Actions, SonarQube, Veracode, Snyk; familiarity with NIST SSDF.
  • SOC leadership, incident response, forensics/eDiscovery; cloud security governance across major CSPs; CSPM/CWPP policy design and enforcement.
  • SCRM and vendor risk management implementing NIST SP 800-161r1; SBOM practices; lifecycle controls from acquisition through disposal.
  • BCP/DR planning and execution; defined RTO/RPO; exercise orchestration and evidence management.
  • Strong automation orientation; ability to write and evaluate code in PowerShell, Python, SQL, Java; familiarity with VBA.
  • Experience establishing authoritative asset inventories and CMDB/CDM integrations; audit logging standards and compliance mapping.
  • Bachelor’s in Cybersecurity, Information Assurance, Computer Science, Engineering, or related field; Master’s preferred.
  • Certifications preferred: CISSP, CISM, CRISC, CAP, CCSP, PMP.
  • Splunk certifications (e.g., Power User, Admin) and CyberArk certifications (Defender, Sentry, Guardian) preferred.
  • Privacy certification strongly preferred: CIPP/G or equivalent federal privacy leadership experience.
  • Must pass pre-employment qualifications of Cherokee Federal.

Benefits

  • Medical
  • Dental
  • Vision
  • 401K
  • Other possible benefits as provided. Benefits are subject to change with or without notice.
