Cybersecurity Program Manager

Overview Edgewater Federal Solutions is currently seeking a Cybersecurity Program Manager to provide support to a client in the Maryland/Washington DC Metro area. The Cybersecurity Program Manager will serve as the senior leader responsible for overseeing the successful execution of a comprehensive, mission‑critical cybersecurity contract supporting a national‑level agency in the health and scientific research sector. This executive will lead delivery of enterprise‑scale cybersecurity programs and professional services, ensuring alignment with agency priorities, federal mandates, and evolving threat landscapes. As a seasoned "triple‑threat," the role demands expertise in managing complex cybersecurity operations, nurturing high‑impact relationships with senior client stakeholders, including the agency CIO, CISO, and GS‑15 Division Directors, and guiding multidisciplinary teams to deliver operational excellence. The Delivery Executive will oversee and integrate efforts across Cyber Threat Intelligence, Threat Hunting, Red and Purple Teaming, Detection Engineering, 24x7x365 SOC Monitoring and Alert Triage, Incident Response, Digital Forensics, Malware Analysis, Vulnerability Management, Data Protection, Secure Configuration Management, Security Engineering, and Continuous Diagnostics and Mitigation (CDM). They will ensure cybersecurity workflows, staff performance, and mission outcomes are consistently optimized for effectiveness, efficiency, and innovation. Success in this role requires deep technical fluency, exceptional leadership, and the ability to drive outcomes in a high‑stakes, high‑visibility federal environment. Responsibilities Serve as the senior delivery executive responsible for executing a high‑visibility cybersecurity contract for a national health and scientific research agency, ensuring timely, within‑budget, and technically compliant delivery of all contract tasks, milestones, and deliverables. Oversee all aspects of program and technical execution through an integrated Task Order Management structure, including task leads, ensuring clear lines of authority and management control over contractor and subcontractor personnel in accordance with non‑personal services delivery requirements. Lead the development, submission, and continuous maintenance of the Task Order Management Plan, including detailed staffing plans, timeframes, and all contractual deliverables, ensuring alignment with CLIENT feedback and evolving project requirements throughout the contract lifecycle. Establish and maintain a formal Quality Assurance Plan (QAP), outlining internal processes for quality control and ensuring all written deliverables are reviewed for technical accuracy, clarity, and grammatical correctness prior to submission to CLIENT. Lead and facilitate weekly Situational Report (SITREP) meetings with CLIENT stakeholders, including preparation of meeting agendas, minutes, and supporting materials; ensure all action items and decisions are documented and assigned, and provide summaries within one business day post‑meeting. Maintain and update a government‑approved Risk Register capturing all open, resolved, and closed issues, risks, and action items across the performance period; provide the Risk Register to CLIENT upon request and integrate into regular program reviews and reports. Prepare and deliver Monthly Status Reports detailing contract performance, accomplishments, risks, issues, staffing status, and progress against deliverables; ensure timely and accurate communication of program health to CLIENT stakeholders and the COR. Proactively notify the COR in writing of any issues that may materially affect contract performance, and maintain thorough records of any risks, concerns, or problems that impact the Contractor’s ability to meet objectives. Prepare and submit Draft and Final Closeout Reports summarizing accomplishments, unresolved issues, delivered documentation, funding balances, and the final invoice; incorporate CLIENT comments into the final submission and deliver all reports in CLIENT‑specified formats prior to contract expiration. Provide strategic oversight of all Cybersecurity Operations (CSO) activities, ensuring proactive detection, rapid triage, containment, remediation, and forensic analysis of cybersecurity incidents across CLIENT’s hybrid enterprise environment, in alignment with NIST SP 800‑61 and federal reporting mandates. Lead multidisciplinary teams delivering Tier 1 through Tier 3 cyber operations, including 24x7x365 SOC monitoring, incident response, cyber threat hunting, red team exercises, digital forensics, malware analysis, and adversary simulation—ensuring timely response to advanced persistent threats (APTs) and zero‑day exploits. Deliver enterprise‑wide Cyber Threat Intelligence (CTI) services, integrating intelligence requirements into CSO workflows, guiding IOC development, and ensuring actionable insights are disseminated to defend against nation‑state and cybercriminal campaigns. Drive the development and continuous refinement of playbooks, SOPs, detection rules, and automation capabilities supporting Security Information and Event Management (SIEM), SOAR, and behavioral analytics tools, ensuring scalable, repeatable response procedures across CSO functions. Oversee the delivery of all CSO and forensic deliverables, including security incident tickets, chain of custody records, daily remediation reports, after‑action reviews, monthly forensic activity summaries, and leadership briefings on significant events. Lead enterprise Vulnerability Management and Data Protection initiatives, ensuring that vulnerability scanning, configuration baseline compliance, and remediation efforts are prioritized based on threat intelligence and aligned with CDM and HVA requirements. Support CLIENT’s Data Protection strategy, overseeing contractor support for data loss prevention (DLP), sensitive data discovery, classification, and enforcement of policies to prevent unauthorized access, leakage, or exfiltration of PII, PHI, and intellectual property. Provide strategic and technical oversight of cybersecurity tools and platforms, guiding system administration, security engineering, tool integration, configuration management, and infrastructure‑as‑code development to support cybersecurity mission continuity and maturity. Ensure operational resilience and system availability of cybersecurity platforms by enforcing contingency planning, uptime metrics, and rapid recovery from system outages, and by maintaining accurate tool maintenance logs, uptime statistics, and remediation reports. Lead CLIENT’s Continuous Diagnostics and Mitigation (CDM) program delivery, aligning CDM capabilities with the enterprise security architecture, and overseeing the delivery of CLIENT‑specific CDM strategies, assessments, tool integration plans, and mitigation procedures. Qualifications Minimum of 12 years of progressive experience in cybersecurity program management, cyber operations leadership, or delivery oversight roles supporting federal government or enterprise clients, with at least 5 years managing multi‑functional cyber teams. Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field from an accredited institution; Master’s degree preferred. PMP (Project Management Professional) or PgMP (Program Management Professional) certification, demonstrating mastery of program and project delivery standards in federal contracting environments. At least 7 years of experience serving as a senior cybersecurity advisor or subject matter expert (SME), including leadership of enterprise detection, response, vulnerability management, and cyber threat intelligence programs. Top‑tier cybersecurity certifications, including one or more of the following: CISSP (Certified Information Systems Security Professional) GIAC GCIA (Intrusion Analyst), GCIH (Incident Handler), or GCFA (Forensic Analyst) OSCP (Offensive Security Certified Professional) or OSCE/OSWA (advanced red/purple team) CISM (Certified Information Security Manager) CRISC (Certified in Risk and Information Systems Control) CDPSE (Certified Data Privacy Solutions Engineer) AWS/GCP/Azure Security Certifications for cloud security leadership Extensive experience with NIST SP 800‑53, 800‑61, 800‑137, and the CDM framework, with proven ability to apply these standards to enterprise‑level cybersecurity operations and federal compliance programs. Demonstrated experience overseeing large‑scale 24x7x365 Cybersecurity Operations Centers (SOCs) and leading cyber disciplines including CTI, Threat Hunting, Incident Response, Forensics, Vulnerability Management, and Security Engineering. Experience managing high‑sensitivity environments handling Controlled Unclassified Information (CUI), PII, PHI, and supporting systems designated High Impact per FIPS 199. Proven ability to influence and engage with C‑level and SES federal stakeholders, including CIOs, CISOs, GS‑15 Division Directors, and security leadership across agencies. Strong understanding of cybersecurity toolsets, including SIEM, SOAR, EDR, vulnerability scanners, threat intelligence platforms, forensic toolkits, and cloud‑native security controls. Demonstrated ability to manage multiple concurrent task orders and delivery teams, including the development and execution of Task Order Management Plans, Quality Assurance Plans, and Incident Response Playbooks. Familiarity with federal security incident reporting requirements (e.g., US‑CERT, HHS CSIRC) and experience coordinating high‑impact incident response efforts, including chain‑of‑custody and forensic investigations. Strong knowledge of and hands‑on leadership with DevSecOps, infrastructure as code (IaC), and security automation and orchestration initiatives to modernize cybersecurity operations. Demonstrated experience with NIH, HHS, or other federal health science agencies is highly desirable, including experience navigating complex multi‑IC or multi‑agency governance structures. Excellent verbal and written communication skills, with a proven ability to prepare and deliver executive briefings, status reports, and technical documentation for government stakeholders. Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other status protected by applicable law. #J-18808-Ljbffr Edgewater Federal Solutions, Inc.