Senior Information Security Analyst

MAXIMUS

United States

United States

Jetzt Bewerben

Über

Description & Requirements The Maximus DoD Cloud Security Officer will collaborate closely with the Federal Business Information Security Officer to develop and enforce security policies and procedures for federal clients. This includes adherence to federal standards such as FISMA, FAR/DFAR Clauses, Executive Orders, and OMB guidelines concerning IL5 Cloud Environments. The primary focus will be on creating, managing, and maintaining a comprehensive System Security Plan (SSP) along with necessary documentation to secure DISA IL5 certification. Continuous monitoring of the IL5 environment will also be a key responsibility, positioning this role as the Subject Matter Expert (SME) on control management. Key Responsibilities: Conduct application vulnerability assessments to uncover potential weaknesses. Perform network vulnerability assessments to pinpoint host vulnerabilities. Analyze and prioritize findings from vulnerability assessments. Evaluate system configurations for security gaps or compliance issues. Foster collaborative relationships to provide effective security assessments and recommendations. Carry out additional tasks as needed. Additional Responsibilities: Manage the System Security Plan and associated documentation for DISA IL5 certification and NIST 800-53 compliance. Serve as a liaison across various business units to ensure compliance with legal and contractual cybersecurity requirements. Communicate security control implementations to the Maximus Information Security Office. Collaborate with the Threat and Vulnerability Management Team for timely compliance with remediation standards. Minimum Qualifications: Bachelor's Degree with 7-10 years of relevant security or technology experience. Desired certifications: Security+, CEH, or CISSP. Knowledge in IPv4 architecture, web application development, network security controls, and vulnerability management. Experience with dynamic application security testing (DAST) and vulnerability management tools. Familiarity with NIST SP 800-53 and OWASP Top 10. Excellent analytical and communication skills. Ability to manage multiple tasks and collaborate effectively with diverse teams. Additional Qualifications: DoD Secret clearance or eligibility. Experience with DISA IL5 Certification and developing necessary documentation for A&A activities. Proficient in using GRC tools (eMASS, CFACTS, CSAM) and compliance with STIG. Familiar with vulnerability assessment tools like Qualys and Tenable. A successful candidate will be able to exercise judgment in evaluating various methods and solutions to complex problems, utilizing substantial initiative and networking skills. This position requires a commitment to working within a fast-paced environment while ensuring high standards of security compliance are met. We welcome applicants who are ready to take on these challenges and make a meaningful contribution.

United States

Sprachkenntnisse

English

Hinweis für Nutzer

Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klicken Sie auf „Jetzt Bewerben“, um Ihre Bewerbung direkt auf deren Website einzureichen.

Jetzt Bewerben