Audit Remediation Project Manager

Location: 6314 Remote/Teleworker US

Time Type: Full time

Job Description

The Audit Remediation Project Manager leads audit remediation execution for the SEC ISS contract by directing project tasks, deliverables, and team performance across vulnerability and compliance workstreams. This role manages the end-to-end lifecycle of audit findings, including triage, corrective action planning, remediation, and closure tracking for iCFR, FISMA, GAO, and OIT Security audits. The position translates high-level ISS program priorities into detailed assignments, schedules, and measurable outcomes aligned to SEC governance and reporting requirements. The manager maintains visibility into risk posture, open vulnerabilities, and remediation progress, including support for Known Exploited Vulnerabilities (KEV) remediation timelines and continuous process improvement.

PRIMARY RESPONSIBILITIES

Audit Remediation Leadership

• Manage and oversee the audit remediation team executing project tasks and contract deliverables across ISS security and infrastructure support areas.

• Lead triage of new audit findings, assign accountable resources, and establish corrective action plans with defined closure criteria.

• Coordinate remediation activities for internal and external audits, including iCFR, FISMA, GAO, and OIT Security assessments.

• Ensure remediation evidence, status updates, and supporting documentation are complete, timely, and audit-ready for SEC review.

Vulnerability Management and Risk Reduction

• Oversee identification, tracking, prioritization, and resolution of vulnerabilities across endpoints and infrastructure.

• Direct teams in reviewing vulnerability reports, assessing severity and impact, and sequencing remediation to reduce mission risk.

• Monitor closure activities and enforce remediation timelines, including KEV remediation within required timelines.

• Drive proactive improvements in operational practices and standards to reduce reintroduction of vulnerabilities.

Planning, Governance, and Reporting

• Translate high-level work plans into detailed assignments, milestones, dependencies, and execution schedules.

• Monitor and track project progress, risks, issues, and performance deficiencies; provide recurring status reporting to stakeholders.

• Create and mature standards, SOPs, and governance procedures aligned with SEC policy, change control, and federal compliance expectations.

• Maintain management reporting that provides clear visibility into remediation progress and risk posture.

Team Leadership and Stakeholder Coordination

• Provide day-to-day leadership for cross-functional remediation efforts involving engineers, security teams, and federal stakeholders.

• Facilitate collaboration sessions to align technical decisions, priorities, and deliverables before implementation.

• Set quality expectations for work products and ensure consistency, accountability, and continuous improvement across workstreams.

• Coach team members on execution discipline, documentation quality, and escalation practices to meet contract objectives.

REQUIRED QUALIFICATIONS

Citizenship/Work Authorization: Must meet contract requirements.

Clearance: Ability to obtain and maintain SEC Public Trust (or higher if required).

Education: Bachelor's degree in a relevant field and 8-12 years of experience. Additional experience may be considered in lieu of a degree.

Experience:

8+ years of professional experience, including at least 7 years of related experience managing and overseeing project details and deliverables.

3+ years of experience managing projects performing vulnerability assessment for the federal government.

Demonstrated experience managing and overseeing audit remediation project tasks and deliverables.

Technical Skills:

Managing and overseeing audit remediation team tasks and deliverables.

Supporting vulnerability identification and remediation activities in federal environments.

Creating and establishing standards and procedures for project execution.

Translating high-level work plans into detailed assignments for team members.

Monitoring and tracking project and work-plan progress.

PREFERRED QUALIFICATIONS

The following are contract-context preferred qualifications that expand baseline labor-category requirements:

Experience supporting SEC or another federal financial regulatory agency environment.

Experience managing enterprise vulnerability and remediation programs across endpoint and infrastructure domains.

Familiarity with KEV requirements and POA&M reporting and closure practices in federal environments.

Experience developing executive reporting for remediation progress, risk posture, and audit readiness.

PMP, CISSP, CISM, or ITIL certification with practical application in federal IT operations.

PMP, CISSP or CISM, ITIL 4 Foundation.

WORK ENVIRONMENT / OTHER

Operational Support: May require participation in on-call or surge support activities depending on operational needs.

Location: Telework

Travel: As required per contract direction.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.