Cybersecurity Analyst SME I

Job Locations US-Remote
Requisition ID 2022-81440
Posted Date
2 months ago (9/26/2022 1:30 PM)
# of Openings
Job Function
Information Technology
Job Schedule
Regular Full-Time

Job Description Summary

Maximus is seeking a Cyber Security Analyst to join our EPA ISS program. This is a remote role and requires a public trust clearance. The team supports and sustains the client’s cybersecurity program. The team provides centralized management of security assessments; proposes information security technical and administrative solutions; performs analyses to ensure security controls are consistently implemented; integrates new technology with information security standards; develops and executes plans for monitoring and assessing networks, systems and applications; and supports the sustainment of the Risk Management Framework (RMF).

The information system security analyst SME I will work with the compliance and risk management team to:
- Play a critical role in the assessment and authorization of new or existing systems.
- Collaborate with system owners and Subject Matter Experts (SMEs) in assessing the security posture of systems throughout the RMF lifecycle.
- Coordinate with stakeholders and system owners to ensure all NIST SP 800-53 controls are properly implemented and assessed throughout the ATO lifecycle.
- Coordinate with stakeholders to develop, and provide yearly reviews of, RMF system documentation, e.g., System Security Plan, Incident Response Plan, Configuration Management Plan, and Information System Contingency Plan.
- Interact with team members to ensure a comprehensive accreditation package is maintained.
- Provide high-level functional systems and cloud application analysis, design, integration, documentation, and implementation advice on moderately complex problems relating to cybersecurity that require an appropriate level of knowledge of the subject matter for effective implementation.
- Apply principles, methods, and knowledge of cyber security to specific task order requirements, advanced principles, and methods to address technical cybersecurity issues.
- Develop Plan of Action & Milestones (POA&Ms) to manage the mitigation of information system security weaknesses.
- Assist other senior consultants with analysis and evaluation to develop recommendations for system improvements, optimization, development, and/or maintenance efforts in related domains.

Required Skills:
- Bachelor’s Degree and a minimum of two (2) years of cyber security experience in governance, risk, and compliance.
- Active and current CompTIA Security+ or equivalent.
- Knowledge and understanding of the National Institute of Standards and Technology (NIST) RMF Special Publications.
- Experience in supporting the steps in the Risk Management Framework (RMF).
- Strong network, FedRAMP/Cloud security background.
- Ability to conduct security control selection, tailoring, and overlays.
- Excellent technical writing skills and RMF control knowledge (must be able to technically document assigned area of responsibility as it relates to meeting the requirements of the control).
- Experience with developing POA&Ms (must be able to technically document mitigation strategies and milestones for findings associated with assigned area of responsibility).
- Ability to work in a team or independently.
- Excellent communication skills (verbal/written).
- Excellent project planning and time management skills.
- Experience with Microsoft Office, including Word, Excel, and PowerPoint.
- Ability to assimilate multiple inputs into a cohesive output/strategy.
- Experience with public speaking and ability to conduct meetings.

Years of Experience: 2+ Years
Minimum Education Required: Bachelor's Degree
Clearance Required: Public Trust
Due to federal client requirements, only US Citizens can be considered.
Candidates must have a CompTIA Security+ certification.

Desired Skills:
- CISSP/CISA/CISM/CRISC and 5+ years of cyber security experience.
- Strong network, FedRAMP/Cloud security background.
- Experience with the XACTA and Nessus scanning tools is a big plus.


Job Summary

Essential Duties and Responsibilities:

- Provide technical knowledge and analysis of highly specialized applications and operational environment
- Conduct A&A activities for multiple systems on the client's network, from document creation and security control implementation to assessments, reporting, and POAM creation/mitigation
- Provide high-level functional systems analysis, design, integration, documentation and implementation advice on moderately complex problems relating to cybersecurity that require an appropriate level of knowledge of the subject matter for effective implementation
- Apply principles, methods, and knowledge of cyber security to specific task order requirements, advanced principles and methods of difficult and/or narrowly defined technical problems in cybersecurity
- Assist other senior consultants with vulnerability analysis and evaluation and with the preparation of recommendations for system improvements, optimization, development, and/or maintenance efforts in related domains

Required Skills:

- Experience with NIST guidelines
- Experience with RMF process and conducting risk assessments

Desired Skills:

- Familiarization with Xacta and vulnerability assessment reports
- Network and/or cloud security background
- Demonstrated ability to build trusted advisor relationships with clients
- Experience supporting sales and business development
- Experience with financial management

Years of Experience: 2-4
Minimum Education Required: Bachelor’s Degree

MAXIMUS Introduction

Since 1975, Maximus has operated under its founding mission of Helping Government Serve the People, enabling citizens around the globe to successfully engage with their governments at all levels and across a variety of health and human services programs. Maximus delivers innovative business process management and technology solutions that contribute to improved outcomes for citizens and higher levels of productivity, accuracy, accountability and efficiency of government-sponsored programs. With more than 30,000 employees worldwide, Maximus is a proud partner to government agencies in the United States, Australia, Canada, Saudi Arabia, Singapore and the United Kingdom. For more information, visit

EEO Statement

EEO Statement: Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We’re proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.

Pay Transparency

Maximus compensation is based on various factors including but not limited to a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation shall be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation.

