Trident Consulting is seeking a " Cybersecurity Program Manager” for one of our client in "Aliso Viejo, CA". A global leader in business and technology services.
Position Title : Cybersecurity Program Manager – NIST CSF Maturity Lead (GRC)
Location: Aliso Viejo, CA
Pay Rate: $70/hr - $86/hr on w2
Industry Medical Device (Cybersecurity / IT & Engineering)
Employment Type Contract (6 Months)
Experience Required 7+ Years
Position Summary
Glaukos Corporation is seeking an experienced Cybersecurity Program Manager / NIST CSF Maturity Lead to lead a six-month cybersecurity maturity initiative. This role is primarily focused on project management (70%) and cybersecurity compliance (30%), driving the organization's NIST Cybersecurity Framework (CSF) maturity while building governance processes, documentation, and sustainable security programs.
The ideal candidate is a self-starter who can independently lead cybersecurity initiatives, influence cross-functional teams, and establish long-term governance practices.
Required Skills
Must Have
- 7+ years of Cybersecurity, Information Security, or GRC experience
- Strong Project/Program Management experience
- Hands-on NIST Cybersecurity Framework (NIST CSF)
- Cybersecurity compliance programs
- Risk Management
- Gap Analysis
- Security Governance
- Executive reporting
- Policy and procedure development
- Cross-functional stakeholder management
- Excellent documentation skills
Key Responsibilities
Project & Program Management (Primary Focus)
- Own the cybersecurity program plan, milestones, timelines, and deliverables.
- Create program charter, RACI matrix, dashboards, and executive reporting.
- Track risks, dependencies, issues, and escalations.
- Lead stakeholder meetings and maintain action logs.
- Mentor and manage a junior GRC contractor.
Governance, Risk & Compliance (GRC)
- Develop cybersecurity policies, standards, and procedures.
- Build repeatable governance processes and control documentation.
- Create audit-ready evidence repositories.
- Maintain cybersecurity risk register.
- Conduct risk workshops and manage exceptions.