Cybersecurity Risk Assessment Engagement Manager (Project Manager) - Contingent

About the position Aretum is seeking a Cybersecurity Risk Assessment Engagement Manager (Project Manager) to lead and deliver cybersecurity and IT risk assessment engagements for federal clients. This role is responsible for end-to-end project execution—scope, schedule, staffing, deliverables, and client communications—while also providing hands-on leadership and technical direction for assessing government systems, identifying vulnerabilities, and improving security posture. Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements. Responsibilities • Lead end-to-end delivery of cybersecurity/IT risk assessment engagements managing scope, scheduled, resources, risks, and deliverables • Serve as the primary client point of contact; provide clear status updates, briefings, and issue resolution to keep stakeholders aligned • Direct assessment activities to evaluate government systems and networks, identify vulnerabilities, and document findings and recommendations • Oversee A&A/RMF support and author review/ required security documentations (as applicable), ensuring completeness and audit readiness • Manage POA&M development and remediation tracking, including evidence-based closure support and continuous monitoring reporting • Coordinate cross-functional teams (security, engineering, operations) to execute assessment plans and maintain quality standards across deliverables • Advise technical and non-technical stakeholders on security risks, control implementation, and practical mitigation strategies • Stay current on federal cybersecurity guidance and requirements and communicate impacts to the team and client • Support proposal efforts and other program needs as required in a federal consulting environment Requirements • Minimum 5 years of experience managing cybersecurity or IT risk assessment projects (project/engagement leadership, delivery management, and client-facing communications) • 5+ years of technical experience in Cybersecurity • 5+ years of experience with Federal Assessment Authorization (A&A) and maintaining IT security policies/processes/guidance • Demonstrated experience in project management, network design concepts, and testing the security of government systems to identify vulnerabilities (including coordinating assessment execution and reporting) • 3+ years in a leadership role supporting a Federal Government Agency (or comparable federal client-facing leadership) • Experience applying NIST Cybersecurity Framework; FedRAMP experience preferred/beneficial • Experience developing/managing continuous monitoring and POA&Ms • Strong written/verbal communication skills, attention to detail, and ability to advise varied audiences • Public Trust Eligibility Required • U.S. Work Authorization Nice-to-haves • Bachelor's degree in information systems, Computer Science, or related field • GIAC Web Application Penetration Tester (GWAPT) • Certified Ethical Hacker (CEH) • GIAC Systems and Network Auditor (GSNA) • Certified Penetration Tester (CPT) • Certified Expert Penetration Tester (CEPT) • GIAC Certified Web Application Defender (GWEB) • Offensive Security Certified Professional (OSCP) • CREST Penetration Testing Certifications Benefits • Health Care Plan (Medical, Dental & Vision) • Retirement Plan (401k) • Life Insurance (Basic, Voluntary & AD&D) • Paid Time Off • Family Leave (Maternity, Paternity) • Short Term & Long-Term Disability • Training & Development Apply tot his job