steampunk
Senior Project Manager
Job description
Overview
Steampunk is seeking a Senior Project Manager to advance the Risk Operations (RiskOps) implementation for a large-scale federal cybersecurity and compliance program. You will drive program management activities across the Continuous Threat Exposure Management (CTEM) pipeline, the data lakehouse, and a multi-year security maturity roadmap. In this role, you will coordinate a cross-functional team of Risk Managers, Security Engineers, SecDevOps, AI, GRC Support, and Change Management specialists to keep workstreams aligned and the RiskOps project moving from strategy to results.
Responsibilities
As a Senior Project Manager, you will lead project delivery in a government consulting environment, serving as client liaison, team coach, and mentor. You will also:
- Oversee RiskOps roadmap execution, driving phase transitions to completion and resolving key dependencies across maturity milestones.
- Maintain the master program schedule, backlog, and PI plans across all workstreams.
- Facilitate Scrum of Scrums, sprint planning, and PI planning events to maintain enterprise-wide risk awareness.
- Coordinate across Security Engineers, SecDevOps, AI, GRC Support, Change Management, and Service Design to keep delivery aligned.
- Identify and resolve dependencies, blockers, and integration risks across RiskOps and CTEM pipelines.
- Align technical delivery schedules with program milestones across data and automation workflows.
- Serve as the primary point of contact for government stakeholders and program leadership.
- Prepare and deliver status reports, risk registers, milestone dashboards, and executive briefings.
- Support recurring program cadences to maintain enterprise-wide awareness of risk posture and emerging capabilities.
- Maintain risk and issue logs; develop mitigation plans and escalate appropriately.
- Drive process improvements aligned to the security maturity roadmap, including compliance workflow automation and POA&M lifecycle management.
- Work with our change manager to implement an effective change management strategy to support the adoption of new tools, workflows, and operating model changes.
- Establish and track program datapoints, contract performance metrics, and KPIs.
- Maintain Security Playbooks, SOPs, and related program documentation as living references covering services, processes, tools, and governance.
- Work with the Program Manager and government to identify resourcing needs and manage financials for the RiskOps project.
Qualifications
Required
- Local to the Washington, DC Metro area; required to be onsite 1 day per week.
- Ability to obtain a U.S. government Public Trust security clearance.
- Master's degree in a related field and 7 years of relevant experience; OR Bachelor's degree and 10 years of relevant experience; OR 16 years of relevant experience without a degree.
- At least one active certification in project management: PMP, PRINCE2 Practitioner, PMI-ACP, CSM, or SAFe SPC (or equivalent).
- Experience supporting federal government IT programs within a national security agency environment.
- Familiarity with Governance, Risk, and Compliance (GRC), FISMA, FedRAMP, and continuous ATO (cATO) processes.
- Knowledge of cybersecurity frameworks including NIST 800-53, CTEM, and the vulnerability management lifecycle.
- Familiarity with GRC tools.
- Experience managing programs with data analytics, dashboard development, or automation components.
- Familiarity with DevSecOps and the software factory concept.


