MAXIMUS

  • Cyber Security Security SME

    Job Locations US-VA-Falls Church
    Posted Date 2 months ago(12/5/2019 1:20 PM)
    Requisition ID
    2019-47195
    # of Openings
    1
    Job Schedule
    Regular Full-Time
  •  

    Since 1975, MAXIMUS has operated under its founding mission of Helping Government Serve the People, enabling citizens around the globe to successfully engage with their governments at all levels and across a variety of health and human services programs. MAXIMUS delivers innovative business process management and technology solutions that contribute to improved outcomes for citizens and higher levels of productivity, accuracy, accountability and efficiency of government-sponsored programs. With more than 30,000 employees worldwide, MAXIMUS is a proud partner to government agencies in the United States, Australia, Canada, Saudi Arabia, Singapore and the United Kingdom. For more information, visit https://www.maximus.com.

    Job Description Summary

    Cyber Security Engineer/Architect

    MAXIMUS Federal – Eligibility Appeals Operations Support (EAOS) is looking for Cyber Security Engineer/Architect with experience architecting, developing and implementing enterprise security solutions within the public sector.

    The individual must have over 5 years of experience engineering and architecture technology and cyber security solutions with hands on experience in cloud and on-prem environments. Ideal candidate will have a wide range of experience architecting and implementing cyber security solutions, knowledge of NIST Risk Management Framework (RMF), Security Assessment and Authorization (SA&A), and FedRAMP.

    In addition, the Cyber Security Engineer/Architect role will be a subject matter expert (SME) in supporting agile teams in identifying current threats, mitigate vulnerabilities, and anticipate future cybersecurity needs.

    The candidate must be able to operate independently and demonstrate experience to architect, develop and implement security solutions.

    Position Responsibilities:
    •Design, implement, test and operate security solutions in compliance with technical reference architecture and minimal security controls
    •Analyze information systems to ensure that appropriate security safeguards have been included in the systems design and architecture
    •Collaborate with Information Security Management to document identified issues and risks, and appropriate remediation plans.
    •The candidate will provide security technical solution support during proposal development
    process, to include technology stack selection, solution architecture, and implementation methodology
    •The candidate will be required to develop and provide presentations and demonstrations of technology solutions to both internal and external stakeholders

    Position Qualifications
    •Knowledge of potential vulnerabilities and threats to existing web, applications, database, and operating system technologies
    •Must have participated in architecting and implementing security solutions for multiple federal projects
    •Strong working knowledge of cloud infrastructure and security best practices, such as Amazon Web Services, Microsoft Azure, etc.
    •Strong working knowledge of IAM technologies and services such as Active Directory, Lightweight Directory Access Protocol (LDAP) and Amazon Web Service (AWS) IAM
    •Direct, hands-on experience or a strong working knowledge of application and network vulnerability management tools
    •Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
    •Experience with automating security testing with the use of scripting and APIs for a CI/CD pipeline

    Education and Experience
    •Proven experience communicating with non-technical business personnel and ability to interact and work in a team environment.
    •Three (3) or more years of experience as a Security Engineer; with a focus on cloud infrastructure
    •Should have (3) or more years of experience using Agile development methodology, and working experience in a DevSecOps environment is highly desired
    •Bachelor's Degree in Information Technology, Information Security, Information Assurance, Information Management or equivalent related work experience.

    Skills and Knowledge
    •Solid understanding of NIST SP 800-37, SP 800-53, SP 800-63, SP 800-137, and SP 800-160
    •Strong team skills and ability to listen, build consensus, and collaborate with business, IT and security groups
    •Strong analytical and quantitative skills
    •Strong knowledge in identifying and assessing Information Security risk and development of appropriate approaches to mitigate risk
    •Ability to deal with and meet tight deadlines with limited resources
    •Ability to thrive in an environment of change and manage multiple tasks and responsibilities simultaneously
    •Prefer knowledge and experience implementing CMS Acceptable Risk Safeguards (ARS) and Technical Reference Architecture (TRA)

     

    Essential Duties and Responsibilities:
    - The IT Security Specialist III must have a strong background adhering to Federal Information Security Management Act (FISMA) Standards using the Risk Management Framework (RMF).
    - Conduct Assessment and Accreditation (A&A) reviews and perform continuous monitoring functions and assist in maintaining Systems Authorization to Operate (ATO) or for system re- certification.
    - Conduct audits and provide guidance of security programs (i.e., A&A, Continuous Monitoring, FISMA, NIST, DOC and NOAA) policies and procedures.
    - Prepare risk analysis reports and provide recommendations to the client.
    - Analyze penetration testing and vulnerability scan reports on all systems as required.
    - Provide impact analysis on local Federal Civilian Agency with regard to updates and version changes on National Institute of Standards and Technology (NIST) Security Publications and FISMA notices. Update and develop security Standards and templates as required to meet new government and regulatory requirements.
    - Use risk management techniques to develop and complete risk assessments based on NIST standards to ensure Information Assurance design sufficiently mitigates the risk.
    - Utilize proficient, clear and concise English written and verbal communication skills in order to effectively interact with clients. Successfully communicate with individuals at various levels of expertise in subject areas of concern.

    Minimum Requirements:
    - Typically requires a minimum of 5 years of related experience with a Bachelor's degree; or 3 years and a Master's degree; or a PhD without experience; or equivalent work experience.
    - Works on problems of diverse scope where analysis of data requires evaluation of identifiable factors.
    - Demonstrates good judgement in selecting methods and techniques for obtaining solutions.
    - Networks with senior internal and external personnel in own area of expertise.

     

    EEO Statement: Active military service members, their spouses, and veteran candidates often embody the core competencies MAXIMUS deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We’re proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. MAXIMUS is an Affirmative Action/Equal Opportunity Employer. MAXIMUS provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.

    Apply/Socialize

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Need help finding the right job?

    We can recommend jobs specifically for you! Click here to get started.