Cyber Lead, Risk and Vulnerability

About Us: 

Gen3 Technology Consulting is an SBA Certified Woman-Owned Small Business (WOSB) providing a diverse set of technology services and solutions to federal and commercial clients. Founded in 2017, Gen3 leverages over 25 years of information technology management and leadership experience to help our clients define, plan, manage, and achieve their strategic vision while protecting their critical IT assets. We attract and retain the highest caliber of talent by supporting an inclusive work environment, cultivating growth and leadership both professionally and personally, and encouraging work-life balance. We strive to make it our priority to be compassionate, family-friendly, respectful, and flexible.

Gen3’s Joint Ventures, Pivotal Impact (JV with Caladwich) and VetCentric (JV with PingWind) expand our team’s knowledge and expertise as we pool resources to bring federal agencies strong technical, program management, and cyber security solutions, derived from a disciplined management consulting approach.

About the Role:
Gen3 seeks a well-rounded Cyber Lead, Risk and Vulnerability to play a key role in supporting the IRS ISSM Vulnerability Compliance and Remediation Program. This program is based on four pillars: Vulnerability Remediation, Compliance, Asset Management, and Continuous Monitoring. The ideal candidate will lead the implementation of a cybersecurity program rollout, directly contributing to managing cyber risks, influencing client stakeholders, and improving the agency’s cybersecurity posture. This position will also require a strong consulting background and expertise in cyber organizational change management to enhance and modernize existing frameworks, ensuring alignment with best practices and regulations.
Location: Remote, US. (DMV area or East Coast preferred).
What You’ll Do:

• Lead the implementation of the ISSM Vulnerability Compliance and Remediation Program, ensuring timely rollout of automated processes and tools.
• Design and manage a comprehensive vulnerability management framework, including identifying, categorizing, and prioritizing vulnerabilities while tracking remediation efforts.
• Conduct risk assessments and provide actionable recommendations to address cyber risks and vulnerabilities.
• Stay informed on evolving cyber policies, especially those related to risk and vulnerability, and ensure compliance with NIST and IRS-specific regulations.
• Develop and enforce cybersecurity policies and procedures to enhance organizational resilience.
• Act as a trusted advisor to the IRS, influencing clients and gaining stakeholder buy-in for cybersecurity initiatives.
• Leverage a consulting approach to drive organizational change management, improving the status quo by introducing innovative solutions.
• Lead and mentor a team of cybersecurity professionals, fostering a culture of continuous improvement and professional growth.
• Regularly communicate program progress, risks, and successes to senior management and stakeholders.
• Evaluate and implement advanced cybersecurity tools and technologies to enhance program efficiency and effectiveness.

What You’ll Need:

• Bachelor’s degree in technical discipline and 8 years of experience in cybersecurity, risk management, or a related field. Ten years of experience can be considered in lieu of a degree.
• Familiarity with the Federal Information Security Management Act (FISMA) and NIST standards.
• Expertise in vulnerability management, risk assessment, and compliance frameworks.
• Strong understanding of cyber policies, specifically related to risk and vulnerability.
• Proven ability to influence clients and gain stakeholder buy-in for cybersecurity programs.
• Experience in consulting environments, with a focus on driving organizational change management.
• Previous experience supporting federal or state agencies, especially the Internal Revenue Service (IRS). Active Public Trust clearance/higher or the ability to obtain one.

What’s Desired to Have:

• Knowledge of the Internal Revenue Manual (IRM) and Office of Budget Management (OBM) requirements.
• Expertise in privacy engineering and compliance-related responsibilities.