Previous Job
Program Manager with Security Knowledge - State of OH
Ref No.: 17-00054
Location: Columbus, Ohio
Start Date: 03/01/2017
Requirement Description:  short description on what they will be working on, objectives, and tasks/deliverables The selected Consultant will work closely with the designated DAS OISP CISO and their staff,  DPS ITO Chief's and supervisors, and the Client security group to address DPS IT security and to ensure all DPS IT related security issues are addressed.  The Program is defined as the DPS IT Security Program.  The DPS IT Security Program is reliant upon the DAS OISP Program.  At times DPS acts alone in IT Security needs and at other times works with DAS OISP.  The PM3 will liaise with DAS OISP as needed.  They will also liaise with other DPS units as required. The PM3 will manage the day-to-day operation of the DPS IT Security Program.
The program manager directs, controls, administers, and regulates an enhancement or development program.  The Program Manager is the individual ultimately responsible to the agency.  The Program Manager's primary responsibility is to drive the entire effort from start to finish.  The Program Manager must ensure that the program is completed on schedule and that the final product meets the business, technical and established quality requirements.
  1. Responsible for planning, analysis, design, construction, testing and implementation of DPS IT Security related requests from DAS OISP and DPS Units.
  2. Accountable for delivery of all work tasks identified in the DPS IT Security related tasks.
  3. Responsible for the capture and reporting of required program management metrics. 
  4. Ensure all changes to scope follow processes and are documented.
  5. Manage, and track the program progress against the program plan. Marry program plans as needed.
  6. Must understand basic IT security concepts and be able to relate them.
  7. Must be able to deep dive any IT security related concept, law, question or request. (Research and Report) 
  8. Familiarity with McAfee, Cisco, Imperva, Varonis and other Security vendors.
  9. Familiarity with common protocols and how they interact a must. (Ping, Netstat, FTP, SMTP, etc.)
  10. Process definition and assurance for network security functions.
  11. Liase with the Administrative Investigative Unit. Coordinate activities and provide solutions for self service.
  12. Access and understanding of common IT Security vulnerabilities and policies and procedures to mitigate them a requirement
  13. Monitor project milestones and phases to ensure the project is on schedule.  Take corrective actions if a project begins to slip its schedule.
  14. Prepares status reports on a periodic basis for program team, team leads, group leads, and program manager and appropriate stakeholders.
  15. Plan, organize, prioritize, and manage multiple work efforts.
  16. Develop the detailed program plan for the enhancement or development effort.
  17. Accountable for the final program management evaluation review with stakeholders for approval upon program completion.
  18. Answer questions, provide ad-hoc and formal training and work with DPS IT staff on IT Security related questions and inquires.
  19. Accountable to schedule or monitor status reviews, peer reviews, program management inspections, and software quality assurance work product and process reviews with the appropriate designated resources.
  20. Notify team leads of project timelines, milestones, phases, work requests target dates, and approved executable work package.
  21. Communicate and work with users and client as necessary.
  22. Coordinate and present proposals to agencies as necessary.
  23. Analyze and distribute reports on program metrics associated with work items releated to improvement measures.
  24. Ensure processes and activities are followed
This is canned statement with hours, background check and interview date/time During the interview process with the ODPS staff, the resource consultant must demonstrate competence/experience in their specific area(s) of project assignment. The resource's experience must also be documented for review and verification. Offered resources not showing technical or functional competence/experience will be sufficient reason to reject the Offeror's proposal.  It is the responsibility of the Offeror to pre-screen their candidates to ensure compliance.  Resource will have a background check conducted by ODPS.
  1. Strong communication/ leadership skills.
  2. Strong influence, collaboration and negotiation experience.
  3. Ability to collaborate with supporting resources across business and/or functional lines.
  4. Have excellent oral and written skills/possess strong meeting and work session facilitation skills.
  5. Have the ability to work independently and as part of a team, the ability to manage time and resources to meet assigned deadlines.
  6. Have strong understanding of prioritization stemming from the elicitation of system and/or user requirements.
  7. Have excellent organizational skills, proven analytical, planning, problem solving, and decision-making skills.
  8. Must be knowledgeable in the English language/speak clearly and understandably use the English language.
Mandatory Requirements/Time
  1.  CISSP Preferred
  2. 10 years Technical IT Security experience.  Defined as Working in an IT security unit providing technical knowledge, policy recommendations and mentoring to lower level staff.
  3. 3 years LEAD worker in a technical IT Security environment.  LEAD worker provides mentoring and guidance, specific to technical best practices and procedures.
  4. Experience in security control implementation; JSIG, CNSSI 1253, NIST 800-53 or ISFO Manual.
  5. ITIL Foundations Certification preferred. Familiar with ITIL and how ITIL can frame process and procedures in an Operations environment and understanding of how a Security Operations Unit will need to work in that Framwork.