Job Description :
EPMO Program Manager (565402)
Dimondale MI
12 Months
Need Local OR regional & F2F
Need USC
Short Description:
Designs, plans, and coordinates work teams. Follows standard project management industry practices such as the PMI''s framework. Understands business and technical objectives of a project and works closely with project sponsor.
Complete Description:
The required position is for a Senior Project Manager to lead multiple Information Technology (IT) projects in support of the Michigan Department of Treasury. As a member of the Project Management Office (PMO), the project manager will follow the State''s SUITE methodology (and required deliverables), and utilize the State''s Project and Portfolio Management (PPM) too, to perform project planning through project closeout.
Skills, Experience and Qualification Areas for Audit, Assurance and Compliance Projects
5 to 10 years or more experience working in regulated financial industry or in a financial organization / department. Examples:
Banking
E-Commence
FDIC or IRS
Federal / State / Large Local Government Treasury Departments
University or Research organization which operates under PCI, IRS, FERPA, GLBA, or similar regulations.
5 years+ IT Compliance, IT Security or IT Audit Experience involving? the following technology areas: technology architecture, data center controls, databases and data management, application life cycle, encryption and key management, server management, networking, vulnerability management, incident management, business continuity and disaster recovery
Ability to research, appropriately interpret and apply complex regulations, technical standards and guidance. Examples:
IRS Tax Code – IRS IRC 61016 and?IRS Publication 1075
NIST Technical Series Publications
Payment Card Industry Data Security Standards (PCI DSS)
Federal Information Security Management Act (FISMA)
Sarbanes Oxley 404 General IT Controls
Open Web Application Security Project (OWASP)
Working knowledge of PCI DSS, IRS Safeguards Reviews, and / or other regulatory or compliance type reviews, attestation engagements, etc.
General understanding of penetration testing, host vulnerability scanning, network security and application (code) scanning.
Demonstrated ability to assess risk, with a general understanding of compensating and mitigating controls.
Ability to understand the audit lifecycle, system development lifecycle and IT project lifecycle.
Demonstrated ability to summarize technical information in a manner appropriate for executives.
Demonstrated ability to successfully lead and coach teams comprised of both functional and technical personnel. Demonstrated ability to work across a complex network of stakeholders, technology teams, business teams, vendors /other supporting external parties.
Contract Management Experience. (May need to work with vendors who are operating under various, different SOM contracts. May need to contribute to / provide project management skills for Pen Test Statement of Work, PCI QSA Statement of Work and other SOWS for remediation
Responsibilities for PCI and IRS Program / Project Manager:
Manage cyber security, infrastructure teams, agency application teams, vendors, third-party auditors, and client sponsor team to earn the annual Report on PCI Compliance and the triennial IRS Safeguards Review Engagement. Team sizes of 100 to 250 members across 16 agencies.
Work with the sponsors to coordinate the annual PCI on-site assessment and triennial IRS Safeguards On-Site Review. Provide metrics to demonstrate resource need.
Lead and / or participate in PCI? Core Team Meetings and IRS Safeguards Review Core Team Meetings
Lead / Co-Lead PCI Steering Committee Meetings and IRS Safeguards Review Steering Committee
Manage quarterly data loss prevention / inspection activates
Manage and escalate issues where PCI compliance may be at risk.
Working with the Treasury Sponsor, track and report on the PCI compliance status of payment processes and applications so that enterprise level compliance can be determined.
Track and report on the remediation plans and timelines associated with PCI gaps / vulnerabilities.
Coordinate the delivery of annual PCI Application Training for developers
Working with the Agency and Technology Sponsors and PCI Core Team host the annual PCI Kick-Off Meeting
Working with the Agency and Technology Sponsors, to plan for and host the IRS Safeguards On-site Review
Track effort and costs associated with the Compliance Projects (e.g., PCI and IRS Safeguards)
Prepare status reports for various audiences (general stakeholders, technical participants, business/functional participants and executives)
Collect, organize and analyze evidence demonstrating PCI Compliance
Lead sessions to develop compensating controls and risk management plans
Preferred Desired Skills
Technical Security Certification preferred. Examples: CISSP, CSX, or CISA.
Project Management Certifications required: PMP
Required / Desired Skills:
Solid skills in project management utilizing a formal project management methodology.
Solid skills in project scheduling utilizing a project scheduling tool such as MS Project.
Solid skills in Microsoft Word, Excel and PowerPoint.
Strong leadership and communication skills.
Ability to communicate technical terminology at levels appropriate to the audience both orally and in writing.
Experience in project planning, scheduling, tracking, issue/risk management, and status reporting.
Experience in working with Senior Management
Project Management Professional certification from PMI.
Technical Security Certification preferred. Examples: CISSP, CSX, or CISA
Experience developing Project Charter, Project Communication Plan, Risk/Issue Plan, Resource Plan and definition of budget estimates.
Experience managing PCI and IRS projects.