Full Time Remote Vulnerability Management Jobs (NOW HIRING)

BMA is seeking a Task Order Project Manager to support the DLA Cybersecurity Web/App Vulnerability Management Support Services program. This is a fully remote position and contingent on contract award.

Job Summary 

BMA is seeking a Task Order Project Manager (TOPM) to support our DLA Cybersecurity Web/App Vulnerability Management Support Services contract. The TOPM provides overall leadership, planning, and management oversight for the Cybersecurity Web/Application Vulnerability Management Support Services task order supporting DLA’s J6 Information Operations Directorate. The TOPM is responsible for ensuring the successful execution of all contract requirements associated with improving the cybersecurity (CS) posture of DLA web applications, information systems, cloud environments, and operational technology (OT) platforms. Serving as the primary Government interface, the TOPM coordinates directly with the Contracting Officer (KO), Contracting Officer’s Representative (COR), Program Managers, Information System Security Managers (ISSMs), Authorizing Officials (AOs), and other DLA stakeholders to ensure all technical, schedule, and performance objectives are achieved. The TOPM directs a multidisciplinary team of cybersecurity professionals including Information System Security Engineers and CS analysts who conduct vulnerability assessments, security engineering analysis, risk assessments, and CS compliance evaluations across the DLA enterprise in accordance with DoDI 8510.01 Risk Management Framework (RMF) for DoD IT, NIST SP 800-53, and applicable DoD and DLA cybersecurity policies.

      Key Responsibilities include:

• Leadership and Management.
• Provide overall leadership and management of a large, complex cybersecurity task order supporting enterprise vulnerability management operations.
• Serve as the primary liaison to Government leadership, including the KO, COR, and DLA J6 program management staff.
• Assist the Program Manager (PM) in coordinating contract activities with government stakeholders, including cybersecurity leadership, program offices, and system owners.
• Ensure contract deliverables, schedules, and technical requirements are executed in accordance with performance objectives.
• Program Planning and Execution.
• Develop and maintain the Task Order Management Plan outlining the technical approach, organizational resources, and management controls required to execute the Performance Work Statement (PWS).
• Provide planning, direction, coordination, and control necessary to accomplish all contract tasks.
• Manage the execution of project phases.
• Verify and validate level of effort and deliverables across all assigned tasks.
• Cybersecurity Program Oversight.
• Oversee activities supporting the Cybersecurity Web/Application Vulnerability Management branch responsible for identifying, analyzing, and mitigating vulnerabilities across DLA IT, Cloud, and OT environments.
• Ensure teams perform cybersecurity engineering assessments, security test and evaluation activities, and risk analysis in accordance with federal and DoD cybersecurity policies.
• Ensure compliance with applicable cybersecurity standards and frameworks including RMF, NIST security controls, and DLA cybersecurity guidance.
• Provide oversight of vulnerability assessment activities and cybersecurity engineering recommendations supporting enterprise risk reduction.
• Performance Monitoring and Reporting.
• Oversee preparation and submission of required contract reports.
• Monitor project performance, identify risks, and implement corrective actions when necessary.
• Conduct Integrated Project Reviews (IPRs) with stakeholders to review project status, technical progress, and operational challenges.
• Workforce and Resource Management.
• Lead and supervise a multidisciplinary cybersecurity workforce supporting vulnerability assessment and cybersecurity engineering activities.
• Maintain appropriate staffing levels and skillsets required to meet contract requirements.
• Coordinate recruitment, onboarding, and training of personnel as necessary to sustain contract performance.
• Ensure personnel maintain required cybersecurity certifications and security clearances.
• Quality Control and Continuous Improvement.
• Implement program management controls to ensure the quality and timeliness of all deliverables.
• Establish quality control processes to monitor technical performance and compliance with contract requirements.

Clearance Requirements 

There is a Secret Security clearance requirement for this position. 

Required Skills & Certifications 

• Project Management certification required, such as Project Management Professional (PMP) or equivalent recognized project management certification.
• DoD Approved Baseline Certification (DoD 8570/8140) Information Assurance Management (IAM) Level III such as ISACA Certified Information Security Manager (CISM), ISC2 Certified Information Systems Security Professional (CISSP), EC-Council Certified Chief Information Security Officer (C-CISO), or GIAC or SANS GIAC Security Leadership Certification (GSLC).
• 10+ years of relevant professional experience in information technology, cybersecurity, or consulting environments.
• 5+ years of leadership experience managing complex programs or projects within the public or private sector.
• Demonstrated experience managing large, complex government task orders or programs involving enterprise IT or cybersecurity services, including supervising 10 or more employees.
• Experience with STIG compliance cycles, vulnerability management, and POA&M governance.
• Strong technical writing skills producing RMF artifacts, policy and procedure documents, and audit-ready evidence packages.
• Strong facilitation skills for Integrated Product Teams (IPTs), Working Group (WG) sessions, and cross-functional coordination.

Desired Skills & Certifications 

• TS with SCI eligibility.
• Experience supporting DoD or DLA program offices.
• Experience supporting DoD or DLA environments.
• BS or BA in Information Technology, Cybersecurity, Computer Science, Engineering, Business Administration, or a related field.
• One or more of the following DoD-Approved CSSP Analyst Certifications: EC-Council Certified Ethical Hacker, EC-Council CSA Certified SOC Analyst, CompTIA Cybersecurity Analyst (CySA+), GIAC or SANS GCIA GIAC Certified Intrusion Analyst, or GIAC or SANS GCIH GIAC Certified Incident Handler.
• Current Risk Management Professional certification such as one or more of the following: PMP-RMP, ISACA Certified in Risk and Information Systems Control (CRISC), ISACA Certified Information Systems Auditor (CISA), ISACA Certified Information Security Manager (CISM), ISC2 Certified in Governance, Risk and Compliance (CGRC), or Risk and Insurance Management Society Certified Risk Management Professional (RIMS-CRMP).

Other Duties

• Able to travel within a week's notice.
• This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job.
• Duties, responsibilities, and activities may change at any time with or without notice. 

Overview

BMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.

Benefits

We believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements. 

AAP & EEO Statement
 Beshenich Muir & Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.