ROLE: Sr Project Manager
LOCATION: Dimondale MI
DURATION: LONG TERM
RATE: DOE
DIRECT CLIENT: YES
INTERVIEW TYPE: In-Person Only
Local candidates strongly preferred
State Experience Highly Preferred
U.S. Citizens Only
ALL candidates MUST be able to attend a personal interview, NO phone interviews, NO Skype, NO exceptions
Job Description
The required position is for a Senior Project Manager to lead multiple Information Technology (IT) projects in support of the Michigan Department of Treasury. As a member of the Project Management Office (PMO), the project manager will follow the State's SUITE methodology (and required deliverables), and utilize the State's Project and Portfolio Management (PPM) tool, to perform project planning through project closeout.
Skills, Experience and Qualification Areas for Audit, Assurance and Compliance Projects
• 5 to 10 years or more experience working in regulated financial industry or in a financial organization / department. Examples:
  · Banking
  · E-Commerce
  · FDIC or IRS
  · Federal / State / Large Local Government Treasury Departments
  · University or Research organization which operates under PCI, IRS, FERPA, GLBA, or similar regulations.
• 5 years+ IT Compliance, IT Security or IT Audit Experience involving the following technology areas: technology architecture, data center controls, databases and data management, application life cycle, encryption and key management, server management, networking, vulnerability management, incident management, business continuity and disaster recovery.
• Ability to research, appropriately interpret and apply complex regulations, technical standards and guidance. Examples:
  · IRS Tax Code – IRS IRC 61016 and IRS Publication 1075
  · NIST Technical Series Publications
  · Payment Card Industry Data Security Standards (PCI DSS)
  · Federal Information Security Management Act (FISMA)
  · Sarbanes Oxley 404 - General IT Controls
  · Open Web Application Security Project (OWASP)
• Working knowledge of PCI DSS, IRS Safeguards Reviews, and / or other regulatory or compliance type reviews, attestation engagements, etc.
• General understanding of penetration testing, host vulnerability scanning, network security and application (code) scanning.
• Demonstrated ability to assess risk, with a general understanding of compensating and mitigating controls.
• Ability to understand the audit lifecycle, system development lifecycle and IT project lifecycle.
• Demonstrated ability to summarize technical information in a manner appropriate for executives.
• Demonstrated ability to successfully lead and coach teams comprised of both functional and technical personnel.
• Demonstrated ability to work across a complex network of stakeholders, technology teams, business teams, vendors / other supporting external parties.
• Contract Management Experience. (May need to work with vendors who are operating under various, different SOM contracts. May need to contribute to / provide project management skills for Pen Test Statement of Work, PCI QSA Statement of Work and other SOWs for remediation.)
Responsibilities for PCI and IRS Program / Project Manager:
• Manage cyber security, infrastructure teams, agency application teams, vendors, third-party auditors, and client sponsor team to earn the annual Report on PCI Compliance and the triennial IRS Safeguards Review Engagement. Team sizes of ~ 100 to 250 members across 16 agencies.
• Work with the sponsors to coordinate the annual PCI on-site assessment and triennial IRS Safeguards On-Site Review. Provide metrics to demonstrate resource need.
• Lead and / or participate in PCI Core Team Meetings and IRS Safeguards Review Core Team Meetings
• Lead / Co-Lead PCI Steering Committee Meetings and IRS Safeguards Review Steering Committee
• Manage quarterly data loss prevention / inspection activities
• Manage and escalate issues where PCI compliance may be at risk.
• Working with the Treasury Sponsor, track and report on the PCI compliance status of payment processes and applications so that enterprise level compliance can be determined.
• Track and report on the remediation plans and timelines associated with PCI gaps / vulnerabilities.
• Coordinate the delivery of annual PCI Application Training for developers
• Working with the Agency and Technology Sponsors and PCI Core Team, host the annual PCI Kick-Off Meeting
• Working with the Agency and Technology Sponsors, plan for and host the IRS Safeguards On-site Review
• Track effort and costs associated with the Compliance Projects (e.g., PCI and IRS Safeguards)
• Prepare status reports for various audiences (general stakeholders, technical participants, business/functional participants and executives)
• Collect, organize and analyze evidence demonstrating PCI Compliance
• Lead sessions to develop compensating controls and risk management plans
Preferred Desired Skills
• Technical Security Certification preferred. Examples: CISSP, CSX, or CISA.
• Project Management Certifications required: PMP
Skills | Required | Years Used | Last Used
Solid skills in project management utilizing a formal project management methodology. | 7 Years | |
Solid skills in project scheduling utilizing a project scheduling tool such as MS Project. | 7 Years | |
Solid skills in Microsoft Word, Excel and PowerPoint. | 7 Years | |
Strong leadership and communication skills. | 7 Years | |
Ability to communicate technical terminology at levels appropriate to the audience both orally and in writing. | 7 Years | |
Experience in project planning, scheduling, tracking, issue/risk management, and status reporting. | 7 Years | |
Experience in working with Senior Management | 5 Years | |
Project Management Professional certification from PMI. | Required | |
Technical Security Certification preferred. Examples: CISSP, CSX, or CISA | Required | |
Experience developing Project Charter, Project Communication Plan, Risk/Issue Plan, Resource Plan and definition of budget estimates. | 7 Years | |
Experience managing PCI and IRS projects. | 3 Years | |
US Citizens only