Contracting Resources Group

Sr. Program Manager - Cybersecurity Supply Chain Risk Management (C-SCRM)

Posted 11 Days Ago
In-Office
Washington, DC
10-10 Annually
Senior level
Lead the Cybersecurity Supply Chain Risk Management program, managing risks tied to ICT and OT suppliers, while collaborating with various stakeholders and ensuring program effectiveness.
The summary above was generated by AI

Contracting Resources Group, Inc. (CRG) is a Woman-Owned Small Business, specializing in several core markets within the Federal Government. Our professional services depth includes program management and evaluation, strategic communications, training, event management, process improvement, acquisition and financial management, data analytics, and IT solutions. CRG is an industry leader, in part because of our ability to attract the highest quality team members through our emphasis on culture, competitive compensation, and benefits packages. Since 2002, CRG has consistently received top performance ratings from customers, employees, and teaming partners and industry awards, including Inc. Magazine’s 5000 list of the Fastest Growing Companies in America, the Department of Labor HireVets Platinum Medallion award, and the Washington Business Journal and Baltimore Sun’s Best Places to Work awards.

Description: CRG is seeking a Senior Program Manager to lead the Cybersecurity Supply Chain Risk Management (C-SCRM) Program, ensuring that risks associated with third-party information and communications technology (ICT) and operational technology (OT) suppliers are identified, assessed, and mitigated. This role requires strategic vision, expertise in cybersecurity and supply chain risk, and the ability to coordinate across multiple stakeholders, including internal and external federal government partners, industry, and other federal agencies and interagency organizations.

Program Manager Duties

    • Work in close collaboration with the Department’s C-SCRM Director under the auspices of the Office of the Enterprise Chief Information Security Officer (E-CISO).
    • Establish/manage program goals, performance metrics, and reporting mechanisms to measure Program effectiveness in support of the State Department’s C-SCRM Strategic Plan and Roadmap and in alignment with federal mandates/directives (e.g., NIST SP 800-161, EO 14028).
    • Provide executive-level briefings and recommendations to senior leadership.
    • Identify, assess, prioritize, and mitigate C-SCRM Program risks to ensure the Program’s overall success and progress.
    • Collaborate with State Department bureaus, offices, and posts, other federal agencies, and external partner organizations to grow and strengthen the Department’s C-SCRM Program.
    • Represent the Program and serve as a program leader in interagency, cross-departmental, and/or working group efforts.
    • Manage cross-functional teams, budgets, and schedules to deliver on-time, high-quality products and services in support of the Program’s goals and objectives.
    • Drive the adoption of best practices in project management, risk management, acquisition management, and supply chain risk management assessments.
    • Develop project scopes and objectives, involving all relevant stakeholders and ensuring technical feasibility.
    • Experience communicating clearly and effectively, both in writing and verbally, to audiences with differing levels of technical understanding.
    • Excellent client-facing and internal communication skills.
    • Outstanding organizational skills, including attention to detail, quality control, and multi-tasking.

Location: On-site/Hybrid. Main office located in Washington, DC

Required Qualifications: 

  • Active Secret Clearance required.
  • Bachelor’s Degree in Information Technology, Computer Science, or related field (Master’s is preferred).
  • Project Management Institute (PMI) Project Management Professional (PMP) Certification is preferred.
  • 10+ years in program/project management. Some cybersecurity or supply chain risk management experience preferred.
  • Experience leading strategic planning and process improvement initiatives.
  • Technical experience with cloud platforms and cloud-based IT solutions and technologies.
  • Excellent leadership, communication, customer services, and organizational skills.
  • Technical certification related to business transformation technology is preferred (i.e., Microsoft Power Platform).
  • 5+ years of experience specifically leading projects for the Department of State (DOS) is preferred.
  • Strong understanding of federal acquisition regulations and contract management, including acquisition processes.
  • Demonstrated self-starter with a high level of energy, proven record as a team player, outstanding communicator with demonstrated political savvy, unquestionable integrity, credibility, and character, strong leadership, team-building, critical thinking, and problem-solving skills.

Contract Background

Ongoing events that continue to affect the global industrial base, together with compromises of federal networks, have increased the urgency of C-SCRM in building and maintaining trust and assurance in the products, services, and suppliers of information and communications technology (ICT) and operational technology (OT) for the Department of State.

Cyber supply chain risks are associated with an organization’s decreased visibility into and understanding of how information, communications, and ICT/OT are acquired, developed, integrated, and deployed, and how the services acquired are delivered. C-SCRM risks are also associated with the processes, procedures, and practices used to ensure the security, quality, integrity (authenticity), and resiliency of a product, service, or source of products and services.

C-SCRM risks may include, but are not limited to, the insertion of counterfeits, unauthorized production, malicious insider threats, tampering, theft, insertion of malicious software and hardware, as well as poor manufacturing and development practices in the cyber supply chain.

C-SCRM risks pose the potential for loss in confidentiality, integrity, or availability of information or information systems and reflect the potential for adverse impact on the Department and its mission.

Benefits
Full-time employees are eligible for 401(k) and Roth retirement plans, Medical, Dental, and Vision
Insurance (for employees and families), Supplemental Insurance, 11 Federal Holidays, and at least
three weeks of Paid Time Off (PTO), including sick and personal leave.

CRG is an equal opportunity employer. We make employment decisions based on merit,
qualifications, and business need. All qualified applicants receive consideration for employment
without regard to race, color, religion, sex, national origin, age, disability, status as a protected
veteran, or any other state or federally protected category.

Top Skills

Cloud Platforms
IT Solutions
Microsoft Power Platform
