Cybersecurity Program Manager (GRC)

Be Challenged and Make a Difference In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture. Description of Task to be Performed: AnaVation is seeking a senior-level Cybersecurity Program Manager (GRC) with an active Top Secret clearance. The ideal candidate will have Federal Program Management experience with teams of at least 20 cybersecurity personnel plus hands-on experience leading IT Security Audits and SA&A activities. This is a full-time position located onsite with our customer in Washington DC. What you will be doing Fully accountable for planning, organizing, and executing all aspects of program scope, schedule, cost, technical, and staffing performance and activities on complex cybersecurity contracts to ensure exceptional service delivery Manage subcontractors to ensure their strict adherence to AnaVation and client standards of quality and performance; provide a “one team” view to the client Ensure timely, complete, high-quality contract deliverables; ensure SLOs are met or exceeded 100% of the time Interface with client’s senior management personnel, including briefings up to CIO/CISO level Lead IT Security Audits including FISMA, FISCAM, IRS, and OIG Leverages industry knowledge, best practices, lessons learned and stakeholder feedback to develop, implement and continuously improve GRC services Optimize processes to maximize efficiencies within the team and program, including GRC automation and functional integration across task areas and teams Be a positive change agent, both within and outside the organization; propagate our corporate culture throughout the program Lead risk management activities, including identification and recommended mitigations; track and manage risks and issues through closure Build, grow, and develop high-performing teams aligned with the client’s mission and strategy Manage program personnel to include interviewing, hiring, performance evaluations, compensation, and training and development Guide and mentor subordinate managers, team leads, and staff Work closely with the client to function as the single point of contact and accountability, ensuring that all technical work, communications, and decision-making remain aligned, timely, and defensible Serve as Quality Control Manager ensuring all deliverables and assigned tasks meet QASP requirements Must have the ability to work in a dynamic environment and adapt to changing conditions Must possess a high degree of originality, creativity, and initiative requiring minimal supervision Benefits         Generous cost sharing for medical insurance for the employee and dependents         100% company paid dental insurance for employees and dependents         100% company paid long-term and short-term disability insurance         100% company paid vision insurance for employees and dependents         401k plan with generous match and 100% immediate vesting         Competitive Pay         Generous paid leave and holiday package         Tuition and training reimbursement         Life and AD&D Insurance About AnaVation AnaVation is the leader in solving the most complex technical challenges for collection and processing in the U.S. Federal Intelligence Community. We are a US owned company headquartered in Chantilly, Virginia. We deliver groundbreaking research with advanced software and systems engineering that provides an information advantage to contribute to the mission and operational success of our customers. We offer complex challenges, a top-notch work environment, and a world-class, collaborative team. If you want to grow your career and make a difference while doing it, AnaVation is the perfect fit for you! AnaVation is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. Required Qualifications: Minimum Qualifications (Education/Certifications, Experience, etc): Active PMP, CISSP, and CISM certifications Bachelor’s Degree in IT, Cybersecurity, Business, or related 15+ years managing GRC-centric cybersecurity programs with at least 25 people 5+ years leading IT security audits including FISMA, FISCAM, IRS, OIG, etc 1+ years leading FISMA metrics reporting 1+ years leading cybersecurity shared services (e.g., SOC-aaS, GRC-aaS) Clearance: Active Top Secret clearance Other Required Skills & Qualifications: Experience with IT Security Assessment & Authorization (SA&A) processes and documentation sufficient to mentor and advise team members Experience with GRC tools such as vulnerability management, vulnerability scanning, endpoint management, data protection, SIEM, and GRC automation platforms Expert-level command of the English language (oral and written), with experience interacting effectively at the CIO and CISO levels of large organizations Expert-level organizational skills and ability to keep a multitude of tasks and projects on track at all times and with minimal supervision Location: This position is currently performed remotely but the work location is subject to change at the customer’s sole discretion. Candidates must be located in the DC-metro area and be willing to adapt to a hybrid or on site work location in Washington DC if required. Preferred Qualifications: Prior experience as an ISSO/ISSM/ISSE or SCA

{
  "content_hash": "d9856e9159fa8fb9aed4e543bc2f6f6a304624ad161156035a227fb9d57a2a12",
  "source_hash": "bc9f7ada10680ea6c4ce9dd25c874cd849b7ab74ac13532cc670bdda21d84abf",
  "last_changed_at": "2026-05-29T07:09:13.127Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "Washington, DC",
    "city": "Washington",
    "region": "DC",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.9
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-06T07:57:21.608Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "Washington, DC",
      "city": "Washington",
      "region": "DC",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.9
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": null,
  "salary_period": null,
  "workplace_type": "on_site",
  "salary_currency": null
}

{}

{
  "lists": [
    {
      "text": "Required Qualifications:",
      "content": "<p><strong>Minimum Qualifications (Education/Certifications, Experience, etc):</strong></p>\n\n<li>Active PMP, CISSP, and CISM certifications</li>\n<li>Bachelor’s Degree in IT, Cybersecurity, Business, or related</li>\n<li>15+ years managing GRC-centric cybersecurity programs with at least 25 people</li>\n<li>5+ years leading IT security audits including FISMA, FISCAM, IRS, OIG, etc</li>\n<li>1+ years leading FISMA metrics reporting</li>\n<li>1+ years leading cybersecurity shared services (e.g., SOC-aaS, GRC-aaS)</li>\n\n<p><strong>Clearance:</strong></p>\n\n<li>Active Top Secret clearance</li>\n\n<p><strong>Other Required Skills &amp; Qualifications:</strong></p>\n\n<li>Experience with IT Security Assessment &amp; Authorization (SA&amp;A) processes and documentation sufficient to&nbsp;mentor and advise team members</li>\n<li>Experience with GRC tools such as vulnerability management, vulnerability scanning, endpoint management,&nbsp;data protection, SIEM, and GRC automation platforms</li>\n<li>Expert-level command of the English language (oral and written), with experience interacting effectively at the&nbsp;CIO and CISO levels of large organizations</li>\n<li style=\"text-align: left;\">Expert-level organizational skills and ability to keep a multitude of tasks and projects on track at all times and with minimal supervision</li>\n\n<div style=\"text-align: left;\"><strong>Location:</strong></div>\n\n<li>This position is currently performed remotely but the work location is subject to change at the customer’s sole discretion. Candidates must be located in the DC-metro area and be willing to adapt to a hybrid or on site work location in Washington DC if required.</li>\n"
    },
    {
      "text": "Preferred Qualifications:",
      "content": "\n<li>Prior experience as an ISSO/ISSM/ISSE or SCA</li>\n"
    }
  ],
  "country": "US",
  "createdAt": 1775054873386,
  "updatedAt": null,
  "categories": {
    "team": "Federal Law Enforcement",
    "location": "Washington, DC",
    "commitment": "Full Time",
    "department": "AnaVation Job Opportunities",
    "allLocations": [
      "Washington, DC"
    ]
  },
  "salaryRange": null,
  "workplaceType": "onsite"
}