Information Security Specialist

2 weeks ago
Requisition ID
# of Openings
Job Function: Information Security
Job Schedule: Regular Full-Time


MAXIMUS is a leading operator of government health and human services programs and has partnered with state, federal and local governments to provide critical, high quality health and human service programs to a diverse array of communities. Operating under MAXIMUS’s founding mission of Helping Government Serve the People® since 1975, MAXIMUS Federal Services is entirely focused on helping government agencies run programs cost-effectively and serve program constituents with improved outcomes. By being a responsible steward for government programs, we help the federal government deliver on its promises through our people, process and technology. Our focus is always on outcomes and results that connect citizens more effectively with government services.


This position will support scheduled Office of Inspector General (OIG) audits and compliance by providing coordination and guidance with agencies and System Owners. This position will provide necessary leadership, execution and support of compliance activities related to federal Information Technology security mandates including but not limited to: Federal Information Management Security Act (FISMA), Federal Information System Control Audit Manual (FISCAM), Presidential Directives (PD) 63 and 67, Public Law 100-235, Office of Management and Budget (OMB) A-123, OMB A-127, and OMB A-130.



  • Manage day-to-day security operations, including assisting on investigative matters related to information security as requested
  • Prepare scheduled FISMA reports
  • Conduct Plan of Action and Milestones (PO&AM) reviews, oversight and reporting as well as Privacy Impact Assessments
  • Coordinate data collection, analysis and reporting for IT security data calls, Freedom of Information Act (FOIA) requests, and incident reports
  • Perform security assessments and review system security documentation
  • Develop, review, and update Certification and Accreditation (C&A) packages and Authority to Operate (ATO) documentation for systems hosted and owned by Office of the Assistant Secretary for Administration and Management Information Technology Center (OASAM-ITC)
  • Maintain and manage the required systems security documentation on the Department of Labor (DOL)-adopted Department of Justice (DOJ) Cyber Security Assessment and Management (CSAM) system. Minimum documentation includes:
    • System Categorization Worksheets (SCW)
    • Privacy Impact Assessments (PIA)
    • Security Control Assessments (SCA)
    • System Security Plans (SSP)
    • Risk Assessments (RA)
    • Contingency Plans (CP) and testing
    • Federal Information Processing Standard Publication 199 (FIPS 199) Security Categorization
    • Security Control Test & Evaluation (SCT&E)
    • Certification
    • Disposition plans
    • Annual and quarterly security documentation review and testing
    • ATO certifications and re-certifications
    • Security Self Assessments (SSA)
    • Memoranda of Understanding (MOU)
    • Interconnection Security Agreement(s) 
  • Assist system owners and representatives with use of CSAM as it pertains to the management of their system’s security documentation
  • Coordinate with departmental agency staff as necessary to provide guidance on the process of conducting risk analysis and computer security reviews, security assessments, the preparation of Disaster Recovery Plans in the Continuity of Operations (COOP) plans, security plans, and the processes involved in the DOL required activities for the Certification and Accreditation of Major Information and General Support Systems (MIS/GSS)
  • Develop IT security policies
  • Conduct System Owner training on a regular basis
  • Manage the Computer Security Awareness Training and Role-Based Training projects
  • Develop, review, update and publish Rules of Behavior
  • Develop and implement information sharing regarding cyber security best practices and common vulnerabilities
  • Prepare and publish monthly cyber security newsletters
  • Administer and manage the site and content blocking, event monitoring, and network intrusion detection systems
  • Conduct, as needed, system penetration testing, vulnerability assessment, and security risk analysis
  • Support process, technical and R&D activities
  • Conduct research of new technologies, systems and processes to make recommendations on the enhancement of the security posture
  • Perform research and preliminary proof-of-concept testing of security tools
  • Prepare and submit SAR responses



The Ideal Candidate will Possess the Following Additional Education and Experience

  • Associate's degree from an accredited college or university required, equivalent experience considered in lieu of degree
  • Bachelor’s degree from an accredited college or university preferred
  • At least five (5) years of IT security experience required
  • At least five (5) years of experience performing A&A work required
  • At least five (5) years of experience conducting FISMA and FISCAM audits, as well as developing Systems Security Plans (SSP), Privacy Impact Assessments, Contingency Plans and certifications (ATO, C&A) required
  • Knowledge of NIST Risk Management Framework
  • Excellent attention to detail
  • Excellent oral and written communication skills
  • Ability to work in a fast-paced, dynamic environment
  • Ability to interface with all levels of management
  • Ability to perform complex tasks with minimal supervision and guidance
  • Excellent time management, scheduling, and organizational skills
  • Ability to work well independently or in a team setting
  • Knowledge of Security Practices and processes
  • Working knowledge of Security Assurance, Controls and Compliance programs within the federal space

Physical Requirements:

  • Ability to sit for up to 80% of time
  • Work is performed in a fast-paced Information Technology environment
  • Ability to lift or transport items weighing up to 40 lbs.

Additional Requirements as per Contract/Client:

  • Applicants selected must be able to obtain and maintain a Public Trust - Moderate Risk security clearance
  • United States Citizenship or Permanent Residency

EEO Statement

A committed and diverse workforce is our most important resource.

MAXIMUS is an Affirmative Action/Equal Opportunity Employer.

MAXIMUS provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.

