Cybersecurity Risk Assessment Engagement Manager (Project Manager) - Contingent at ARETUM Holdings LLC – Bethesda, Maryland

Public Trust Eligibility Required

This is a contingent position, meaning employment is dependent upon the successful award of the associated contract to Aretum and completion of any required background investigation or security clearance verification.

About Aretum

Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to our customers across defense, civilian, and homeland security sectors. Our teams work at the intersection of strategy, technology, and transformation, helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration, inclusion, and professional growth are at the forefront.

Job Summary

Aretum is seeking a Cybersecurity Risk Assessment Engagement Manager (Project Manager) to lead and deliver cybersecurity and IT risk assessment engagements for federal clients. This role is responsible for end-to-end project execution—scope, schedule, staffing, deliverables, and client communications—while also providing hands-on leadership and technical direction for assessing government systems, identifying vulnerabilities, and improving security posture.

Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements.

Responsibilities

• Lead end-to-end delivery of cybersecurity/IT risk assessment engagements managing scope, scheduled, resources, risks, and deliverables
• Serve as the primary client point of contact; provide clear status updates, briefings, and issue resolution to keep stakeholders aligned
• Direct assessment activities to evaluate government systems and networks, identify vulnerabilities, and document findings and recommendations
• Oversee A&A/RMF support and author review/ required security documentations (as applicable), ensuring completeness and audit readiness
• Manage POA&M development and remediation tracking, including evidence-based closure support and continuous monitoring reporting
• Coordinate cross-functional teams (security, engineering, operations) to execute assessment plans and maintain quality standards across deliverables
• Advise technical and non-technical stakeholders on security risks, control implementation, and practical mitigation strategies
• Stay current on federal cybersecurity guidance and requirements and communicate impacts to the team and client
• Support proposal efforts and other program needs as required in a federal consulting environment

• Minimum 5 years of experience managing cybersecurity or IT risk assessment projects (project/engagement leadership, delivery management, and client-facing communications)
• 5+ years of technical experience in Cybersecurity
• 5+ years of experience with Federal Assessment Authorization (A&A) and maintaining IT security policies/processes/guidance
• Demonstrated experience in project management, network design concepts, and testing the security of government systems to identify vulnerabilities (including coordinating assessment execution and reporting)
• 3+ years in a leadership role supporting a Federal Government Agency (or comparable federal client-facing leadership)
• Experience applying NIST Cybersecurity Framework; FedRAMP experience preferred/beneficial
• Experience developing/managing continuous monitoring and POA&Ms
• Strong written/verbal communication skills, attention to detail, and ability to advise varied audiences

Preferred Qualifications

• Bachelor's degree in information systems, Computer Science, or related field
• Preferred Certifications:
• GIAC Web Application Penetration Tester (GWAPT)
• Certified Ethical Hacker (CEH)
• GIAC Systems and Network Auditor (GSNA)
• Certified Penetration Tester (CPT)
• Certified Expert Penetration Tester (CEPT)
• GIAC Certified Web Application Defender (GWEB)
• Offensive Security Certified Professional (OSCP)
• CREST Penetration Testing Certifications

Travel Requirements

This is a hybrid position, with work performed both remotely and at designated client or corporate locations, as needed. Travel requirements may vary depending on project assignments, client meetings, or internal collaboration and will be communicated in advance whenever possible.

EEO Statement

Aretum is committed to fostering a workplace rooted in excellence, integrity, and equal opportunity for all. We adhere to merit-based hiring practices, ensuring that all employment decisions are made based on qualifications, skills, and ability to perform the job, without preference or consideration of factors unrelated to job performance.

As an Equal Opportunity Employer, Aretum complies with all applicable federal, state, and local employment laws.

We are proud to support our nation’s veterans and military families, providing career opportunities that honor their service and experience.

If you require reasonable accommodation during the hiring process due to a disability, please contact hr@aretum.com for assistance.

Equal Opportunity Employer/Veterans/Disabled

U.S. Work Authorization

Due to federal contract requirements, only U.S. citizens are eligible for this position. This position supports a federal government contract and requires the ability to obtain and maintain a Public Trust or Suitability Determination, depending on the agency’s background investigation requirements.

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off
• Family Leave (Maternity, Paternity)
• Short Term & Long-Term Disability
• Training & Development

ARETUM utilizes e-Verify to check employment authorization.

EEO/AA/F/M/Vet/Disabled.