Program Manager / Engagement Manager-Onsite

Job Title: Program Manager / Engagement Manager

Employment Type: Full-time; hybrid working mode; local or regional Consultant preferred for Greater Philadelphia area.

Key Responsibilities
Own task-order intake, triage, scoping coordination, work planning, schedule management, resource alignment, and deliverable tracking across all cybersecurity service areas.
Serve as the day-to-day management point of contact for County leadership, IT, security, compliance, legal, communications, and business stakeholders.
Coordinate delivery across GRC, technical assessment, incident response, IAM, cloud security, data protection, training, and executive advisory teams.
Maintain the master engagement plan, project calendars, action item logs, decision logs, risk/issue registers, dependency trackers, and status reporting cadence.
Lead kickoff meetings, recurring status meetings, executive check-ins, milestone reviews, deliverable review sessions, and project closeout meetings.
Coordinate County review and acceptance of deliverables, including assessment reports, risk registers, policy updates, IR plans, tabletop materials, roadmaps, dashboards, and training reports.
Track assumptions, constraints, scope boundaries, out-of-scope requests, change-control needs, and task-order budget consumption.
Manage subcontractor or specialty SME coordination when approved for incident response, penetration testing, training platform support, forensics, or technical remediation activities.
Ensure timely escalation of delivery risks, schedule risks, access delays, dependency blockers, and urgent cyber issues to the appropriate County and contractor leadership.
Support quality assurance by confirming deliverables are complete, internally reviewed, NIST-aligned where applicable, executive-ready, and consistent with task-order objectives.
Coordinate onsite support logistics when required for incident response, workshops, executive briefings, tabletop exercises, or assessment activities.
Ensure documentation discipline for meeting minutes, decisions, evidence requests, status reports, executive summaries, and final task-order closeout packages.

Technical Stack / Tools / Frameworks
MS Project, Microsoft Planner, Jira, ServiceNow, Azure DevOps, SharePoint, Teams, Excel, Power BI, Visio, Confluence, Smartsheet, risk registers, issue logs, dependency matrices, deliverable acceptance trackers, and executive dashboard tools.

Required Qualifications
10+ years of experience managing cybersecurity, IT, risk, compliance, or public-sector professional services engagements.
Experience managing task-order, on-call, IDIQ-like, or multi-workstream consulting contracts.
Demonstrated ability to manage senior stakeholders, technical SMEs, executive briefings, and cross-functional delivery teams.
Strong understanding of cybersecurity program delivery, NIST-aligned assessments, incident response readiness, IAM, cloud security, and compliance-driven projects.
Experience supporting government, county, municipal, public safety, healthcare, justice, elections, or regulated environments preferred.
Ability to manage hybrid teams and support local onsite needs as required.

Preferred Certifications / Credentials
PMP strongly preferred; CSM, SAFe, ITIL, Security+, CISSP Associate, or equivalent project/program delivery credentials desirable.

Working Mode and Local Preference
Full-time role supporting a hybrid delivery model with remote work and onsite presence as required by County meetings, workshops, assessments, tabletop exercises, or authorized incident response needs.
Local or regional Consultants are preferred for onsite coordination needs; Consultants must be able to travel to County locations when task-order or incident conditions require.
Consultant must be comfortable working with public-sector stakeholders, sensitive information, regulated data, and multi-department operating environments.