Job Requirements
Arlington, VA
Top Secret/SCI CI Polygraph
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Description & Requirements
Maximus is looking for a Senior Information Systems Security Manager (ISSM) to join its team in Rosslyn, VA.
The ideal candidate will possess a deep understanding of information security principles, regulatory requirements, and industry best practices. They will be adept at managing security controls, leading incident response efforts, and providing strategic guidance to technical teams. The ISSM will also play a key role in fostering a culture of security awareness across the organization and representing the organization in interactions with external stakeholders, including government agencies, auditors, and vendors.
This is an on-site position that requires an active TS/SCI Clearance with the ability to obtain CI Poly.
Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS040, T4, Band 7
Job-Specific Essential Duties and Responsibilities:
Information Security Program Development:
- Develop, implement, and maintain a comprehensive information security program that includes policies, procedures, and guidelines to protect the organization's information assets.
- Regularly review and update the information security program to ensure it remains effective and aligned with industry best practices and regulatory requirements.
Regulatory Compliance:
- Ensure that the organization's information systems comply with all applicable security regulations and standards, including NIST, FISMA, and the Joint Special Access Program Implementation Guide (JSIG).
- Conduct regular audits and assessments to verify compliance and address any identified gaps.
Security Controls Implementation:
- Lead the implementation and maintenance of security controls, such as access controls, data encryption, and vulnerability management.
- Collaborate with IT and other departments to integrate security controls into existing and new systems.
Incident Response Management:
- Manage the organization's security incident response process, including the investigation of security incidents and coordination with internal and external stakeholders to resolve incidents.
- Develop and maintain an incident response plan, conduct regular drills, and ensure all relevant personnel are trained on incident response procedures.
Technical Guidance and Support:
- Provide guidance and support to technical teams in the development and implementation of security solutions and technologies.
- Stay current with emerging security trends, threats, and technologies to provide informed recommendations.
Risk Assessment and Mitigation:
- Conduct security risk assessments to identify potential threats and vulnerabilities.
- Develop and implement risk mitigation strategies to address identified risks, including the creation of risk management plans and the prioritization of security initiatives.
Documentation and Compliance:
- Generate and maintain documentation required for Risk Management Framework (RMF) processes, including Standard Operating Procedures (SOPs), security plans, risk assessments, and Plans of Action and Milestones (POA&M).
- Ensure compliance with the Joint Special Access Program Implementation Guide (JSIG) and other relevant security standards and policies.
External Stakeholder Engagement:
- Represent the organization in meetings and communications with external stakeholders, including government agencies, auditors, and vendors.
- Prepare and present security reports and updates to senior management and external parties as required.
Continuous Improvement:
- Continuously monitor and evaluate the effectiveness of the information security program and make improvements as necessary.
- Foster a culture of continuous improvement by encouraging feedback and collaboration across the organization.
Job-Specific Minimum Requirements:
- Active TS/SCI Clearance with the ability to obtain CI Poly.
Education & Experience:
- IAM level III certification (GSLC, CISM, CISSP, CCISO), or ability to obtain certification within six months of hiring.
- A Bachelor's degree in a relevant field (e.g., Computer Science, Information Systems Management, Engineering) is required for this position.
- 4 years of relevant work experience may be considered in lieu of the degree requirement.
- Minimum of 8 general years of experience in cybersecurity or a related field, with prior experience in a leadership role
- 2+ years of cybersecurity experience in the Department of Defense (DoD) or Intelligence community.
- Strong knowledge of cybersecurity principles, tools, and techniques.
- Security+ or equivalent (DoD 8570) if currently no IAM Level III certifications above
- Strong leadership experience and proactive drive.
Preferred Skills and Qualifications:
- Experience as a Cyber or Security Analyst or Security Control Assessor (SCA) for federal information systems.
- Experience with the Special Access Programs (SAPs) and Intelligence Community (IC).
- Knowledge and/or understanding of Joint Special Access Program Implementation Guide (JSIG)
- The ability to adapt in fast paced environments, comfort with ambiguity.
- Familiarity with cloud technologies, security practices, and agile methodologies.
- Strong self-organization and self-management skills with emphasis on self-initiation and follow through.
- Proven written and oral communication skills.
- Demonstrated ability to build trusted advisor relationships with clients.
#techjobs #clearance #veteranspage
Minimum Requirements
TCS040, T4, Band 7
EEO Statement
Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics.
Pay Transparency
Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.
Accommodations
Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at applicantaccom@maximus.com.
Minimum Salary
$
116,500.00
Maximum Salary
$
165,000.00
Maximus is looking for a Senior Information Systems Security Manager (ISSM) to join its team in Rosslyn, VA.
The ideal candidate will possess a deep understanding of information security principles, regulatory requirements, and industry best practices. They will be adept at managing security controls, leading incident response efforts, and providing strategic guidance to technical teams. The ISSM will also play a key role in fostering a culture of security awareness across the organization and representing the organization in interactions with external stakeholders, including government agencies, auditors, and vendors.
This is an on-site position that requires an active TS/SCI Clearance with the ability to obtain CI Poly.
Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS040, T4, Band 7
Job-Specific Essential Duties and Responsibilities:
Information Security Program Development:
- Develop, implement, and maintain a comprehensive information security program that includes policies, procedures, and guidelines to protect the organization's information assets.
- Regularly review and update the information security program to ensure it remains effective and aligned with industry best practices and regulatory requirements.
Regulatory Compliance:
- Ensure that the organization's information systems comply with all applicable security regulations and standards, including NIST, FISMA, and the Joint Special Access Program Implementation Guide (JSIG).
- Conduct regular audits and assessments to verify compliance and address any identified gaps.
Security Controls Implementation:
- Lead the implementation and maintenance of security controls, such as access controls, data encryption, and vulnerability management.
- Collaborate with IT and other departments to integrate security controls into existing and new systems.
Incident Response Management:
- Manage the organization's security incident response process, including the investigation of security incidents and coordination with internal and external stakeholders to resolve incidents.
- Develop and maintain an incident response plan, conduct regular drills, and ensure all relevant personnel are trained on incident response procedures.
Technical Guidance and Support:
- Provide guidance and support to technical teams in the development and implementation of security solutions and technologies.
- Stay current with emerging security trends, threats, and technologies to provide informed recommendations.
Risk Assessment and Mitigation:
- Conduct security risk assessments to identify potential threats and vulnerabilities.
- Develop and implement risk mitigation strategies to address identified risks, including the creation of risk management plans and the prioritization of security initiatives.
Documentation and Compliance:
- Generate and maintain documentation required for Risk Management Framework (RMF) processes, including Standard Operating Procedures (SOPs), security plans, risk assessments, and Plans of Action and Milestones (POA&M).
- Ensure compliance with the Joint Special Access Program Implementation Guide (JSIG) and other relevant security standards and policies.
External Stakeholder Engagement:
- Represent the organization in meetings and communications with external stakeholders, including government agencies, auditors, and vendors.
- Prepare and present security reports and updates to senior management and external parties as required.
Continuous Improvement:
- Continuously monitor and evaluate the effectiveness of the information security program and make improvements as necessary.
- Foster a culture of continuous improvement by encouraging feedback and collaboration across the organization.
Job-Specific Minimum Requirements:
- Active TS/SCI Clearance with the ability to obtain CI Poly.
Education & Experience:
- IAM level III certification (GSLC, CISM, CISSP, CCISO), or ability to obtain certification within six months of hiring.
- A Bachelor's degree in a relevant field (e.g., Computer Science, Information Systems Management, Engineering) is required for this position.
- 4 years of relevant work experience may be considered in lieu of the degree requirement.
- Minimum of 8 general years of experience in cybersecurity or a related field, with prior experience in a leadership role
- 2+ years of cybersecurity experience in the Department of Defense (DoD) or Intelligence community.
- Strong knowledge of cybersecurity principles, tools, and techniques.
- Security+ or equivalent (DoD 8570) if currently no IAM Level III certifications above
- Strong leadership experience and proactive drive.
Preferred Skills and Qualifications:
- Experience as a Cyber or Security Analyst or Security Control Assessor (SCA) for federal information systems.
- Experience with the Special Access Programs (SAPs) and Intelligence Community (IC).
- Knowledge and/or understanding of Joint Special Access Program Implementation Guide (JSIG)
- The ability to adapt in fast paced environments, comfort with ambiguity.
- Familiarity with cloud technologies, security practices, and agile methodologies.
- Strong self-organization and self-management skills with emphasis on self-initiation and follow through.
- Proven written and oral communication skills.
- Demonstrated ability to build trusted advisor relationships with clients.
#techjobs #clearance #veteranspage
Minimum Requirements
TCS040, T4, Band 7
EEO Statement
Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics.
Pay Transparency
Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.
Accommodations
Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at applicantaccom@maximus.com.
Minimum Salary
$
116,500.00
Maximum Salary
$
165,000.00
group id: 50050274
Maximus makes it easier for people to access public services and positions governments to meet complex policy and service delivery challenges with agility, resilience, and impact.
