Iss & Comsec Senior Manager- Ctj - Poly

Microsoft Microsoft · Big Tech · Reston, VA +1 · Business Program Management

Senior Manager for Information Systems Security & COMSEC on the National Security & Trust Team, responsible for implementing Government Cyber Security policy, providing guidance (NIST, NISPOM, DAAPM), performing system and network assessments, ensuring compliance, and leading efforts to establish program control processes to mitigate risks within a high-risk systems environment.

What you'd actually do

  1. Oversees teams who collect and evaluate success criteria (e.g., ROI, SLAs, OKRs, KPIs) and performance metrics (e.g., acquisition, usage, impact, effectiveness, customer feedback), to use scorecards and dashboards to monitor programs and ensure all activities align with business and program objectives, and to report up to leadership and create leadership visibility.
  2. Oversees teams who utilize direction and strategy from leadership advocate and influence sponsorship regarding business area of expertise in order to create and execute plans that shift current priorities to new organizational initiatives and objectives, and influences others to change behavior accordingly.
  3. Oversees teams who overlook a portfolio of projects including the project plan, documentation of roles and responsibilities (e.g., responsible, accountable, consulted, informed [RACI] framework), timelines, milestones, financial management, performance metrics, and resource needs for programs.
  4. Translates the strategy into team priorities when overseeing teams who evangelize the program to stakeholders, partners, and customers to gain buy in.
  5. Oversees teams who act as system architects to understand how systems work and impact one another using process flow map

Skills

Required

  • Information Systems Security
  • COMSEC
  • Government Cyber Security policy implementation
  • NIST
  • NISPOM
  • DAAPM
  • DoD/DISA configurations
  • Information System assessments
  • compliance audits
  • risk mitigation
  • program control processes
  • team leadership
  • performance metrics evaluation
  • data analytics
  • change management
  • cost-benefit analysis
  • project management
  • stakeholder communication

Nice to have

  • ROI analysis
  • SLAs
  • OKRs
  • KPIs
  • scenario analyses
  • business process outsourcing (BPO) vendor management
  • RACI framework
  • process flow mapping

What the JD emphasized

  • Implementing Government Cyber Security policy
  • NIST
  • NISPOM
  • DAAPM
  • DoD/DISA defined acceptable configurations
  • Information System (IS) assessments
  • compliance audits
  • strict program control processes