Cybersecurity Software Assurance Project Manager (PM3) - CSAPM 25-24164

Overview

Remote
Depends on Experience
Accepts corp to corp applications
Contract - Independent
Contract - W2
No Travel Required

Skills

Software Development Methodology
Software Security
Testing
Writing
Reporting
SaaS
Preventive Maintenance
Project Management
Management
Microsoft Azure
OWASP
Good Clinical Practice
Google Cloud Platform
Regulatory Compliance
Security Architecture
IT Security
Information Security Governance
Performance Management
Public Sector
Continuous Integration
Cyber Security
Documentation
Dynamic Testing
Security Controls
Amazon Web Services
Cloud Computing
Communication
Continuous Delivery
DevOps
Software Development

Job Details

Job Title: Cybersecurity Software Assurance Project Manager (PM3)
Location: Remote (Based in New York)
Duration: 2 Years
Work Schedule: Monday Friday, 35 hours/week (overtime requires prior approval)

Position Overview:

A major public sector organization is seeking a Cybersecurity Software Assurance Project Manager (PM3) to lead secure-by-design initiatives and embed robust application security practices into software development lifecycles. This role is part of a long-term program to enhance software security across agencies and partners through proactive review, consultation, and governance support.

Responsibilities:

  • Conduct application security assessments including risk evaluations, architecture reviews, and secure code analyses

  • Work closely with development teams and third-party vendors to advise on secure integration and deployment strategies

  • Guide secure software development practices throughout the software development lifecycle (SDLC)

  • Validate security architecture, threat models, and security controls to ensure compliance with internal standards

  • Interpret and respond to vulnerability reports and testing results with remediation strategies

  • Enhance AppSec processes and maintain up-to-date documentation of policies and workflows

  • Contribute to expanding and implementing secure SDLC practices organization-wide

  • Assist in the creation and refinement of security governance documents and security-related policies

  • Monitor and report on software security metrics, including risk trends and open findings

  • Manage application security testing tools, timelines, and related project resources

Required Qualifications:

Candidates must meet all of the following requirements to be considered:

  • 8+ years of hands-on experience in application security, software development security, or consulting

  • Deep understanding of secure coding practices, OWASP Top 10, and threat modeling

  • Proven ability to conduct technical reviews across web, mobile, and cloud-native applications

  • Experience using and managing static/dynamic analysis, SAST, DAST, and related security tools

  • Strong communication skills to explain technical risks to both technical and business stakeholders

  • Experience in CI/CD environments and modern DevOps workflows

  • Familiarity with security for APIs, containers, and cloud-native systems (AWS, Azure, Google Cloud Platform)

  • Previous experience supporting or writing IT/security policy and governance

  • Knowledge of vendor security assessments and SaaS risk reviews

  • Background in large-scale organizations, preferably government or public sector

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.