Skip to main content

Program Manager

Posted by Veterans Sourcing Group

New York, NY
Permanent
Apply Now
Job Title: Program Manager
Duration: 12+ Months (Possible extension)
Location: New York, NY 10286
Onsite Role (4 days a week)

Responsibilities:
  • Seeking a seasoned Program Manager to lead the creation, authorization, and continuous governance of a FedRAMP-compliant Azure Government tenant underpinning government payment transaction services.
  • You will own the end-to-end programsystem boundary definition, documentation, ATO readiness, and continuous monitoringensuring sustained compliance at FedRAMP High
  • The ideal candidate blends rigorous compliance leadership with strong cloud security and platform enablement skills and has demonstrated success in -system subject to federal compliance.
Program Leadership and Governance:
  • Own the multi-year FedRAMP roadmap for an Azure Government tenant supporting government transactions; define milestones, risks, dependencies, and decision gates.
  • Establish governance forums and operating mechanisms across engineering, cloud platform, information security, risk/compliance, legal, payment operations, and 3PAOs.
  • Maintain program OKRs/KPIs: POA&M closure velocity, control coverage, vulnerability SLAs, ConMon completeness, audit readiness, and
  • Drive disciplined change control, evidence management, , and control attestation workflows aligned to FedRAMP requirements.
  • Manage external partners and 3PAO activities (readiness, assessments, remediation).
FedRAMP Authorization (ATO) Readiness:
  • Lead authoring and maintenance of FedRAMP artifacts: SSP and associated FedRAMP appendices, POA&M, policies/standards/procedures, boundary diagrams, and data flows tailored to Azure Government/GCC High constructs.
  • Define and maintain the system boundary and data categorization supporting payment transactions; align to FedRAMP High baseline.
  • Coordinate control implementation across all FedRAMP control families.
  • Conduct gap analyses against NIST SP 800-53 controls; drive remediation plans and ensure traceability from control narratives to technical and process evidence.
Continuous Monitoring & Operations:
  • Stand up and run Continuous Monitoring, in alignment with FedRAMP High guidelines, for the Azure Government tenant: scanning cadence, patch cycles, configuration baseline monitoring, control effectiveness checks, incident handling, and change compliance.
  • Own POA&M lifecycle: triage findings, prioritize by risk, execute corrective actions, validate closure, reporting outstanding actions, and update artifacts.
  • Maintain real-time dashboards and reporting for control posture, exceptions, residual risk, and operational health across payment services and shared services.
  • Ensure SSP and supporting documentation are promptly updated to reflect material changes to boundary, services, configurations, or controls.
  • Coordinate security incident response processes with SOC teams and act as interface with the client throughout the incident lifecycle including root cause analysis and closure.


Risk Management and Issue Resolution:
  • Maintain a program risk register spanning control gaps, architectural changes, data flows, vendor dependencies, and operational risks in payment services.
  • Escalate issues with quantified impact; drive compensating controls or risk acceptance decisions in partnership with risk/compliance.
Education/Experience:
  • Bachelor's degree in Information Security, Computer Science, Information Systems, or related field; equivalent experience considered.
  • 7+ years of program management in regulated cloud environments; 3+ years directly owning FedRAMP programs, artifacts, and Continuous Monitoring.
  • Hands-on oversight, authorship, maintenance, and response experience with SSP, POA&M, SAP/SAR; proven track record achieving/maintaining ATO for cloud services.
  • Deep knowledge of NIST SP 800-53 control families, FedRAMP Moderate/High baselines, ConMon processes, and 3PAO engagements.
  • Strong familiarity with Azure Government or GCC High and core security capabilities: identity/access, logging/monitoring, encryption, policy enforcement, landing zone patterns.
  • Demonstrated success orchestrating cross-functional teams (security, cloud/platform, payments, operations, compliance, legal) to deliver complex regulatory programs.
  • Exceptional communication skills: executive reporting, control narratives, audit responses, and stakeholder management.
  • Limited travel may be required for assessments, audits, or stakeholder workshops.
Preferred:
  • Direct experience enabling government payment transactions on cloud platforms and aligning control implementations to transactional risk profiles.
  • Azure-focused security experience (Defender for Cloud, Sentinel, Azure Policy/Blueprints, Key Vault, Private Link, Purview).
  • Prior experience collaborating with federal agencies, sponsoring organizations, or authorizing officials for Client.
  • Experience with security compliance to IRS 1075 requirements
  • Certifications: PMP, CISSP, CCSP, CISM, Azure Security Engineer Associate, or equivalent.
Apply Now

Job Type: Permanent

Job ID: 253474636

Apply Now

Related Sectors

Healthcare|Nursing|Registered Nurse|Cosmetology|Management|Engineering|Retail|Sales|Practice Nurse|Construction

Related by job title

Medical Surgical Registered Nurse Jobs|Registered Nurse Critical Care Float Pool Jobs|Critical Care Float Nurse Float Rn Jobs|Registered Nurse Float Critical Care Icu Jobs|Registered Nurse Icu Float Unit Jobs|Rn Float Pool Critical Care Jobs|Registered Nurse Icu Float Jobs|Registered Nurse Float Critical Care Jobs|Registered Nurse Icu Jobs|Registered Nurse Advanced Specialized Heart Failure Jobs