Application Security (App Sec) Project Manager

Who we are:

ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.  

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.

Who we’re looking for:

We are seeking an Application Security (App Sec) Project Manager to lead enterprise-level App Sec efforts for a federal customer. This role will coordinate across technical, operational and business stakeholders to translate complex App Sec requirements into actionable plans, processes and delivery outcomes. The ideal App Sec Project Manager brings strong project management, cybersecurity, acquisition and service delivery experience, with the ability to drive execution across cross-functional teams. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.

What you’ll be doing:

• Lead enterprise App Sec efforts for the customer, translating technical requirements into clear, actionable tasks, processes and implementation plans across stakeholders.
• Serve as a primary stakeholder in IT operational processes supporting the service, providing direction and monitoring significant activities to ensure successful delivery.
• Coordinate and manage end-to-end service delivery for customers, balancing requirements, constraints and priorities across stakeholders.
• Develop and manage system, network, performance and cybersecurity requirements and ensure they are incorporated into delivery plans and contract language.
• Define and manage Service-Level Agreements (SLAs) and support Operating Level Agreements (OLAs) with internal process owners to ensure performance expectations are clear and measurable.
• Lead and oversee project budgets, staffing and contractual performance, including tracking delivery against cost, schedule and quality objectives.
• Participate in acquisition activities as needed, ensuring procurements and outsourcing efforts include information security requirements consistent with organizational goals.
• Perform needs analysis to identify opportunities for new or improved business process solutions and provide recommendations for upgrades and enhancements.
• Develop methods to monitor and measure risk, compliance and assurance efforts for assigned projects, initiating corrective actions when issues or variances arise.
• Review service performance reports, ensure follow-up on outstanding issues and drive continual improvement through customer satisfaction and internal performance feedback.
• Conduct or support audits of IT projects and evaluate procurement effectiveness in meeting information security requirements, recommending improvements as needed.
• Conduct import/export reviews for acquiring systems and software and address supply chain risk considerations when applicable.

What you need to know:

• Advanced knowledge of the acquisition/procurement life cycle, including system life cycle management principles, software security and the integration of Risk Management Framework (RMF) requirements.
• Proficiency in Import/Export control regulations (specifically for cryptography and security technologies) and the ability to evaluate the trustworthiness of project suppliers and products.
• Mastery of service management concepts (ITIL) and organizational process improvement models, such as CMMI for Development, Services and Acquisitions.
• Understanding of Cloud-based knowledge management, enterprise architectural frameworks and the operational impacts of cybersecurity lapses on the organization's core business mission.
• Skill in identifying system performance indicators and translating complex information needs into intelligence collection requirements across the extended enterprise.

Must have’s:

• Advanced degree in a technical/cyber-related field. Direct experience or relevant certifications may substitute for the academic credentials.
• 7+ years of relevant experience.
• Application Security (App Sec) experience.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.

Beneficial to have:

• Industry recognized certifications

Where it’s done:

• Remote (Herndon, VA).