IT Security Manager

Protect and Strengthen Federal Systems with TechFlow Inc.!

TechFlow is seeking an experienced IT Security Manager to lead cybersecurity efforts for a high-impact federal program. In this critical role, you'll oversee the implementation, documentation, and continuous monitoring of security controls to safeguard applications that support governmentwide IT portfolio management. You'll ensure compliance with federal security standards such as FISMA and NIST SP 800-53, coordinate with key stakeholders, manage POA&Ms, and support Authorization to Operate (ATO) activities. If you're driven by the mission of securing vital government systems and ensuring operational resilience, TechFlow offers an opportunity to lead meaningful cybersecurity initiatives that make a difference.

*This is a remote position but will require support on site at client location Washington DC on occasion.

Key Responsibilities

• Serve as the primary cybersecurity lead for the program, overseeing implementation, assessment, and continuous monitoring of security controls for applications managed by the CPIC PMO.
• Ensure compliance with federal cybersecurity standards and frameworks, including FISMA, NIST SP 800-53, and the Risk Management Framework (RMF).
• Coordinate with the customer's Information System Security Officer (ISSO), system owners, and other stakeholders to maintain security authorization and compliance.
• Manage and track Plans of Action and Milestones (POA&Ms) to ensure timely remediation of identified vulnerabilities and audit findings.
• Lead preparation, documentation, and submission activities to support system Authorization to Operate (ATO) and ongoing authorization processes.
• Oversee incident response procedures, ensuring rapid identification, investigation, and mitigation of cybersecurity events.
• Conduct risk assessments, vulnerability scans, and security reviews to proactively identify and address potential threats.
• Maintain system security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Continuous Monitoring Plans.
• Provide cybersecurity guidance to development and operations teams to ensure secure design, configuration, and deployment of applications.
• Monitor compliance with change management and configuration control procedures to maintain system integrity.
• Prepare and deliver regular security status reports, dashboards, and briefings to leadership and the customer.
• Champion a culture of cybersecurity awareness and continuous improvement across the program team.

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related discipline (Master's preferred).
• 8+ years of progressive experience in IT security management or cybersecurity operations within federal environments.
• Deep knowledge of federal cybersecurity frameworks, including FISMA, NIST SP 800-53, NIST RMF, and FedRAMP.
• Demonstrated experience supporting system authorization (ATO) activities and managing POA&Ms.
• Proven ability to lead incident response, vulnerability management, and continuous monitoring processes.
• Experience working with ISSOs, auditors, and federal compliance stakeholders.
• Familiarity with tools such as Nessus, Splunk, AWS Security Hub, or equivalent monitoring and assessment platforms.
• Strong understanding of cloud security, access control, and data protection principles.
• Excellent communication and leadership skills with the ability to brief executives and collaborate across technical and non-technical teams.
• Security certifications required: CISSP, CISM, or CAP (other relevant credentials such as Security+ or CEH are a plus).
• U.S. Citizenship and ability to obtain or maintain a Public Trust clearance required.

Founded in 1995 at the start of the dot-com revolution, TechFlow helped large commercial clients such as DreamWorks, Toshiba, MGM, and others modernize their business systems. Today, with deep operational roots in the bi-coastal innovation hubs of California and Washington DC, TechFlow continues as a leader in applying innovative engineering, technology, integration solutions, and support services to the Federal Government's most demanding mission and business challenges.

Our culture thrives on out-of-the-box thinking and the unique powerful entrepreneurial expressions of our employee-owners. As a 100% employee-owned company, we have a shared expectation of commitment, accountability, and responsibility driven by a culture that embraces innovation and new ideas. Our goal is not to do what has been done, but to do it better.

TechFlow has four principal lines of business: Platform Services, Digital Services, Base Operations and Energy and Mobility Solutions. Our company has a strong track record of successful contracts in both areas and encourages cross-collaboration.

TechFlow, Inc is 100% employee-owned. Come make a difference in a job that contributes to your future and helps us build an agile workplace!

• Employee stock ownership plan (ESOP) - Pride in being an employee-owner and annual employer contribution (per plan guidelines)
• 401k plan with Roth option.
• Eligibility for an employer match.
• Immediate vesting
• Paid time off
• Holidays - 11 paid holidays per year
• Comprehensive medical, dental, and vision plans
• Company-paid Life & AD&D insurance plan
• Employee Assistance Program
• Wellness Resources
• Company-paid training and development program
• Voluntary benefits include:
• Life & AD&D Insurance for employee, spouse, and children
• Short-term and long-term disability (per plan guidelines)
• Legal Shield and Identity Theft protection plans
• Pet Insurance

#techflow