MAXIMUS

Director – Federal IT Security Operations

Job Locations: US-VA-Falls Church
Requisition ID: 2020-57585
Posted Date: 1 week ago (10/14/2020 3:50 PM)
# of Openings: 1
Job Function: Information Technology
Job Schedule: Regular Full-Time

Job Description Summary

This is an exciting opportunity for a Director to lead, guide, and support the IT solutions and services delivered by Maximus Federal IT operations. You will be responsible for leading and supporting the overall security posture to ensure FedRAMP authorization and ATO for all our solution offerings. The role includes the successful implementation, refinement, and maintenance of the SIEM platform and associated functions. This is a critical role that will set our cloud compliance strategy and collaborate with teams across the company, including Product, Engineering, Cloud Operations, and Security. The position will ensure that pre- and post-authorization activities such as Gap Assessment, SSP Documentation, 3PAO Assessment, and Continuous Monitoring are completed.

Key Responsibilities:
• Demonstrate domain expertise in FedRAMP, NIST FIPS 199, NIST SP 800-53 Rev 4, NIST SP 800-37, NIST 800-171, DFARS 252.204-7012, FISMA, ITAR, and supporting Systems Security Assessment and Authorization (SA&A) for Federal Agencies.
• Develop and maintain cybersecurity plans, strategy, and policy to support and align with program cybersecurity initiatives and regulatory compliance.
• Manage risk by overseeing, evaluating, and supporting the documentation, validation, assessment, and authorization processes necessary to assure that existing and new IT systems meet the organization’s/client’s cybersecurity and risk requirements.
• Provide leadership for Splunk security and other cybersecurity technologies to support security information and event management (SIEM) or security event management (SEM) best practices and enterprise security.
• Manage and review existing cloud security design, processes, and supporting tools to ensure they are effective and leverage cloud security industry trends that can mitigate emerging threats.
• Ensure thorough technical documentation, e.g. the System Security Plan (SSP), is maintained for technical architecture, operational processes, and security processes, using knowledge of security controls and security audits.
• Represent the MGEP solution to external organizations such as Federal Agencies ISO, FedRAMP PMO, JAB, DISA, and 3PAO assessors.
• Leverage technical and program management skills to plan, track, collaborate, and report on FedRAMP program deliverables, including scheduling and leading meetings, assigning and tracking action items, and developing status reports.
• Collect security control implementation review results, penetration testing results, and vulnerability scan results for reporting to authorizing agencies.
• Stay abreast of market trends in the Public Sector cloud compliance space to maintain technical expertise and apply best practices to business challenges.

Skills You Need to Succeed:
• Strong Public Sector industry experience of at least 10+ years, including at least 3-5 years of Security and Compliance experience.
• Amazon Cloud Solution Architect – Associate Certification highly desirable.
• Experience with cloud computing, especially the security aspects of IaaS, PaaS, and SaaS environments.
• Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
• Strong understanding of the latest security principles, techniques, and protocols.
• Familiarity with web-related technologies (Web applications, Web Services, Service Oriented Architectures) and with network/web-related protocols.
• Understanding of the threat landscape, including code and OS vulnerabilities.
• Good understanding of Transport Layer protocols such as TCP/TLS and Application Layer protocols such as HTTP and SIP.
• Deep knowledge of the overall FedRAMP and DOD Impact Level process and how security controls are implemented to meet compliance requirements.

Preferred Education:
• Master's (MS) in Information Security and Assurance
• Bachelor's (BS) degree in Computer Science, Software Engineering or a closely related field or foreign equivalent
• Certification in CISSP, CISA is preferred but not mandatory

Essential Duties and Responsibilities:
- Develop, implement, and manage a strategic, comprehensive corporate and/or project/client information security monitoring and operation program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
- Responsible for the review of all SOC policies and procedures.
- Provide leadership and oversight over the Security Operations Center (SOC) staff.
- Responsible for the establishment, planning and administration of overall policies, goals and procedures.
- Analyze staffing needs for coverage and proactively make adjustments when necessary.
- Measure staff’s performance through annual performance appraisals and provide training/development for continuous improvement.
- Provide/Demonstrate strong leadership, organizational and coaching abilities.
- Communicate with Information Technology professionals as well as senior management and auditors, assessors, and consultants.
- Perform other duties as assigned by management.

Minimum Requirements:
- Bachelor's degree required, five (5) years of people management experience, and ten (10) years of experience in the related field.

MAXIMUS Introduction

Since 1975, Maximus has operated under its founding mission of Helping Government Serve the People, enabling citizens around the globe to successfully engage with their governments at all levels and across a variety of health and human services programs. Maximus delivers innovative business process management and technology solutions that contribute to improved outcomes for citizens and higher levels of productivity, accuracy, accountability and efficiency of government-sponsored programs. With more than 30,000 employees worldwide, Maximus is a proud partner to government agencies in the United States, Australia, Canada, Saudi Arabia, Singapore and the United Kingdom. For more information, visit https://www.maximus.com.

EEO Statement: Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We’re proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.
