Technical Cybersecurity Manager

Description

At MetaPhase, we believe Quirky is Cool and being authentic is the only way to be! We take the work we do very seriously and do a lot of important mission-focused work for our clients. We are individuals with different passions and strengths who take as much joy in the work we do as from those we work with. Today, we have a team that is invested in creating new solutions that lean forward, challenge the status quo, but also reflect our intimate knowledge of our customers' business. Over the years we have fostered a culture in which we are united by shared values-passion, solidarity, generosity, curiosity, and boldness-and these come alive in the work we do and how we do it.

Together, we know our people are our difference-for our clients and our colleagues.

Are you ready to:

• Work alongside a dedicated and diverse set of people to offer honest advice and practical guidance to our clients?
• Learn and grow by taking advantage of every opportunity available to you?
• Join a company which prides itself on its shared values and inclusive culture?
• Be the difference and make it happen?

Role Summary

MetaPhase is seeking an experienced Technical Cybersecurity Manager with eight or more (8+) year of experience to support a high-impact federal transportation security program. This role will lead the systems, tools, controls, and technical team responsible for protecting complex mission environments, including cloud, on-premise, enterprise IT, and operational technology environments.

The ideal candidate is a hands-on cybersecurity leader with deep experience managing technical security controls such as firewalls, data loss prevention systems, vulnerability scanning, penetration testing, patching, encryption, endpoint protection, system hardening, and security monitoring. This individual will provide highly technical and specialized guidance, develop solutions to complex security problems, prepare reports and presentations for senior leadership, and may serve as a contractor task order Project Manager.

What You Will Be Doing

• Leading the technical cybersecurity team responsible for securing mission systems, cloud environments, on-premise infrastructure, and connected operational technology environments.
• Managing and overseeing security controls including firewalls, DLP, encryption, endpoint protection, vulnerability scanning, penetration testing, patch management, configuration hardening, security monitoring, and incident response support.
• Providing highly technical guidance and specialized cybersecurity solutions for complex security, architecture, engineering, and compliance challenges.
• Supporting cybersecurity engineering activities across system design, development, deployment, operations, maintenance, and modernization efforts.
• Managing security documentation and artifacts supporting ATO processes, including System Security Plans, Risk Assessments, Contingency Plans, POA&Ms, security packages, control implementation evidence, and continuous monitoring materials.
• Supporting RMF, FedRAMP, FISMA, NIST 800-53, DHS/TSA cybersecurity requirements, and federal security governance processes.
• Leading vulnerability management activities, including scan analysis, remediation planning, prioritization, tracking, reporting, and closure.
• Overseeing patch management, operating system hardening, STIG implementation, configuration management, and remediation of security weaknesses.
• Coordinating with ISSOs, system owners, architects, engineers, OEMs, infrastructure teams, cloud teams, and federal stakeholders to resolve technical security issues.
• Performing detailed technical analyses, security studies, risk assessments, root cause analysis, and cybersecurity impact assessments.
• Preparing reports, briefings, dashboards, and executive-level presentations for program leadership and upper management.
• Supporting cloud security services, including secure architecture, control implementation, monitoring, compliance, and remediation for cloud or hybrid environments.
• Supporting OT/IT convergence security, including environments involving connected devices, endpoint security, SCADA-adjacent concepts, industrial control considerations, and operational mission systems.
• Leading or contributing to incident response, critical incident management, after-action reviews, and corrective action planning.
• Serving independently or as part of an integrated Agile, DevSecOps, cybersecurity, engineering, or program management team.
• Potentially serving as a contractor task order Project Manager, including planning, staffing, schedule tracking, risk management, performance reporting, and stakeholder coordination.

What We Need From You (Required)

• Minimum of eight or more (8+) years of progressive experience in IT, cybersecurity, security engineering, systems engineering, infrastructure, cloud, or related disciplines.
• Minimum of six or more (6+) years of specialized experience across multiple advanced IT or cybersecurity disciplines involving a wide range of hardware and software solutions.
• Minimum of four or more (4+) years of concentrated, hands-on experience delivering cloud-related security services.
• Demonstrated experience managing technical cybersecurity systems, tools, controls, and the teams responsible for operating or supporting those systems.
• Strong knowledge across security architecture, engineering, operations, compliance, vulnerability management, incident response, identity/access, endpoint security, and security monitoring.
• Experience managing ATO documentation and ATO processes in federal environments.
• Experience supporting RMF, NIST 800-53, FISMA, FedRAMP, POA&M management, security control assessment, continuous monitoring, and audit evidence development.
• Experience with vulnerability scanning, penetration testing coordination, remediation planning, patch management, encryption, DLP, firewall rules, endpoint protection, and system hardening.
• Familiarity with SCADA, ICS, OT, connected device, or industrial cybersecurity concepts.
• Ability to analyze complex cybersecurity issues and develop practical, technically sound recommendations.
• Experience preparing formal reports, technical briefings, risk summaries, and executive presentations.
• Ability to work independently, lead teams, and collaborate across engineering, cybersecurity, cloud, infrastructure, program management, and federal stakeholder groups.

What Sets You Apart (Preferred)

• GIAC Global Industrial Cyber Security Professional (GICSP) certification.
• CISSP, CISM, CCSP, CEH, Security+, CASP+, AWS Security Specialty, Azure Security Engineer, or equivalent certification.
• Prior experience supporting DHS, TSA, transportation security, airport operations, defense, law enforcement, critical infrastructure, or national security missions.
• Experience securing operational technology, industrial control systems, edge devices, connected equipment, or IoT/IIoT environments.
• Experience with SIEM, SOAR, EDR/XDR, CSPM, CNAPP, SAST/DAST, container security, cloud logging, and cloud-native security services.
• Experience supporting FedRAMP High, High/High/High FIPS systems, zero trust initiatives, or federal cloud migration programs.
• Experience managing technical teams in Agile, DevSecOps, SAFe, or hybrid federal delivery environments.
• Experience serving as a task order lead, technical lead, cybersecurity workstream lead, or contractor Project Manager.

Work Location

• Washington, DC / Nations Capital Region

Remote Schedule

• Hybrid; Remote work may be supported, with periodic onsite meetings at federal facilities or local field sites as required.

Travel

• Limited travel may be required for stakeholder meetings, integration activities, or OEM coordination.

Education Level

• Minimum bachelor's degree in Computer Science, Information Technology, or Computer Engineering, or related field; equivalent experience may be considered.

Clearance Level

• Ability to obtain and maintain federal suitability or Public Trust is required
• Active DHS suitability, Public Trust, Secret, or higher clearance preferred.
• U.S. Citizenship required (NO EXCEPTIONS)

About MetaPhase Consulting

MetaPhase Consulting is different with a purpose - demonstrating a new approach to the industry that puts employees and culture first! We continue to be recognized by industry as one of the fastest growing and most impactful consultancies in the nation, and are aggressively hiring to grow our team:

Fastest Growing

• Inc 5000 Fastest Growing Company - 2020, 2021, 2022, 2023, 2024, 2025
• Washington Technology Fast 50 Award - 2020, 2021
• Financial Times America's Fastest Growing Companies - 2021, 2022, 2023, 2025, 2026

Best Places to Work

• USA TODAY Top Workplaces - 2022, 2023, 2024, 2025
• Washington Post Best Places to Work - 2022, 2023, 2024, 2025
• Washington's Business Journal's Best Places to Work - 2021, 2022
• Virginia Businesses Best Place to Work - 2021, 2022, 2023, 2024, 2025
• Northern Virginia Technology Council Top 100 Technology Firms - 2020

Company & Individual Awards

• 2021, 2023, 2024, 2025 Moxie Award Finalist
• 2022 SECAF Government Contractor Awards ($27.5 to $50 Million in Revenue)
• 2022 FedHealth IT and G2XChange Women in in Leadership Awards - Beth Angerman
• 2022 George Mason University Prominent Patriots in Business - Fred Costa
• 2022 TiE DC Capital ELITE Award
• 2023, 2024, 2025 Elev8 Engage GovCon Finalist
• 2023, 2024 Maryland Tech Council ICON Awards Finalist for Government Contracting Company of the Year: Over $50 Million
• 2023 Greater Washington Government Contractor of the Year ($25 to $75 million) Awards Finalist
• 2024 Consulting Magazine Tech Innovator
• 2025 Northern Virginia Technology Council Tech100 Company
• 2026 FORUM Innovation Awards - ChallengeAI by Brian Funk (CTO)
• 2026 FORUM Disruptive Tech Change Agent - Brian Funk (CTO)
• 2026 Orange Slices Elev8[X] Finalist

MetaPhase Consulting is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability or veteran status, or any other factors protected by federal, state, or local law.

#dice

#LI-Hybrid