Cybersecurity Program Manager

STRATEGIC STAFFING SOLUTIONS (S3) HAS AN OPENING!

Strategic Staffing Solutions is currently looking for for a Cybersecurity Program Manager W2 contract opportunity with one of its largest clients!!

Candidates should be willing to work on our W2 ONLY, No c2c.

Job Title: Cybersecurity Program Manager

Job Summary:

The Cybersecurity Program Manager will be responsible for leading the planning, execution, and delivery of complex cybersecurity projects and programs. The ideal candidate will have a strong background in both project management and cybersecurity, with the ability to manage cross-functional teams, coordinate with internal and external stakeholders, and drive initiatives that strengthen the organization's overall security posture.

Primary duties and Responsibilities

• Lead the end-to-end management of cybersecurity projects, including scope, timeline, budget, risk, and quality.
• Coordinate internal teams, third-party vendors, and business units to ensure timely and secure delivery of initiatives.
• Develop detailed project plans, schedules, resource assignments, and communication plans.
• Track project performance and report on status, issues, and risks to executive leadership and cybersecurity governance committees.
• Drive remediation efforts related to cybersecurity assessments, audits, and penetration tests. Align projects with cybersecurity frameworks (e.g., NIST CSF, ISO 27001, CIS Controls) and regulatory requirements (e.g., HIPAA, GDPR, SOX).
• Facilitate risk assessments and collaborate with the Information Security and Risk Management teams to manage project-level risks.
• Ensure appropriate change-management and training activities are embedded in project plans.
• Foster a culture of cybersecurity awareness and collaboration across technical and business teams.

Supervision: No direct reports. Works under general supervision.

Key Internal: Interacts with all levels of employees and departments throughout TEC, PGS, NMG, and Emera Companies.

Key External: Responsible for building and maintaining external relationships with vendors, contractors, consultants, and other industry specialists.

Educational Qualification:

High School Diploma. Experience may be considered in lieu of education.

Preferred: Bachelor s Degree in Computer Science, Information Systems, or other Information Technology-related field

Licenses/Certifications Required:

From the list of certification vendors, one related Information Security professional certification or ability to obtain via self-study within one year of hire date (ex: (ISC)2, GIAC, ISACA, CompTIA, e-Council, etc.).

Preferred: CISSP, CISM, ITIL v3, and four or more of the following or similar IT Security professional certifications: (ex: CISSP, CISA, CRISC, CEH, EnCE, ACE, CCE, GCIH, GCIA, GCFA, GCFE, GPEN, GWAPT, GPPA, GCED, GXPN, GMON, GNFA, GREM)

Knowledge/Skills/Abilities (KSA)Required:

• Solid understanding of fundamental principles of cybersecurity, including threat landscape, vulnerabilities, and risk management.
• Familiarity with relevant security standards and frameworks such as NIST Special Publication 800-53, ISO 27001, and others, depending on the industry.
• Knowledge of applicable laws and regulations governing information security, privacy, and data protection.
• Demonstrating proficiency in information technology systems, network architecture, and prevalent technologies to facilitate comprehensive evaluation of security controls.
• Knowledge of security control frameworks and their implementation, including access controls, encryption, and incident response. Technical skills to assess security controls, understand vulnerability assessments, and the technical aspects of security implementations. Strong communication skills to effectively convey assessment findings, risks, and recommendations to technical and non-technical stakeholders.
• Ability to create clear and detailed documentation, including road maps, reports, and recommendations.
• Critical thinking and problem-solving skills to analyze complex security issues and recommend appropriate solutions. Keen eye for detail to identify vulnerabilities, weaknesses, and discrepancies in security controls and documentation.
• Ability to adapt to evolving cybersecurity threats, technologies, and regulatory requirements.
• Adherence to ethical standards and professionalism, as SCAs often have access to sensitive information and play a critical role in maintaining the integrity of security assessments.
• Collaboration with various stakeholders, including system owners, security teams, and management, to ensure a comprehensive understanding of the information system and its security controls.
• Commitment to continuous learning and staying updated on the latest developments in cybersecurity, technology, and regulatory landscapes.
• Enhanced skills in analyzing complex cybersecurity data and making strategic decisions that have a broad organizational impact.
• Deep understanding of emerging technologies and their implications for cybersecurity, enabling proactive risk management in a rapidly evolving tech landscape.
• Skills in leading and managing a team, including mentoring junior staff and coordinating efforts across different risk management activities.
• Ability to work effectively across different departments, understanding their needs and aligning them with cybersecurity practices.

Beware of scams. S3 never asks for money during its onboarding process.