Information System Security Officer
MAXIMUS
Arlington, VA
information system
security
officer
security
management
assurance
government
oa&m
data
data security
mission
information systems
configuration
March 17, 2023
MAXIMUS
Arlington, VA
FULL_TIME
Job Description Summary:
Description: Do you love protecting our country from cyber-attacks? We have an exciting cybersecurity ISSO role open for a DoD client for TS/SCI cleared candidates. The ISSO will work with the compliance and risk management team to: •Verify data security access controls based on the Joint Special Access Program Implementation Guide (JSIG).•Verify data security access controls and assign privileges based on need-to-know.•Responsible for creation and management of Body of Evidence (BOE)•Maintain privilege access control logs•Creation and management of Interconnection Security Agreements (ISA)•Track vulnerabilities by creating Plan of Action and Milestones (POA&M)•Manage the configuration and documentation contained in the program's instance of Enterprise Mission Assurance Support Services (eMASS).•Demonstrate a detailed ability to prepare reports identifying the results of compliance and performance tests.•Develops and implements information assurance/security standards and procedures.•Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands•Supports customers at the highest levels in the development and implementation of doctrine and policies.Required Skills:Active TS/SCI clearance in DISSVerify data security access controls based on the Joint Special Access Program Implementation Guide (JSIG Verify data security access controls and assign privileges based on need-to-know.Apply and maintain required confidentiality controls and processes.Execute processes and procedures for protecting CUI, SAP, SCI, and PII.Responsible for creation and management of Body of Evidence (BOE)Maintain privilege access control logsCreation and management of Interconnection Security Agreements (ISA)Track vulnerabilities by creating Plan of Action and Milestones (POA&M)Manage the configuration and documentation contained in the program's instance of Enterprise Mission Assurance Support Services (eMASS).Demonstrate a detailed ability to analyze events or test results and prepare a POA&M.Other ISSO specific functions include:Develops and implements information assurance/security standards and procedures.Reviews information assurance/security solutions to support customers' requirements.Supports customers at the highest levels in the development and implementation of doctrine and policies.Years of Experience: 5+ YearsMinimum Education Required: Bachelor's DegreeMust Have Active TS/SCI Clearance in DISSDue to federal client requirements, only US Citizens can be considered.Candidates must have a Security+ certification, plus be able to obtain a Certified Information Systems Security Professional (CISSP) or similar certification for IAT Level III per 8570 Cyber Workforce Requirements within 6 months of hire dateDesired Skills:o In addition to the required skills for this position, a qualified candidate for this position will demonstrate a combination of training and hands-on experience in many of the operational and technical skills listed below:o 5+ years of experience to include Information Assurance (IA) experience with a large, complex programs.oThe ISSO shall have at least five years' experience in planning, documenting, and resolving security and information assurance issues on a technical program.oThe ISSO candidate should have a good understanding of Department of Defense (DoD) Risk Management Framework (RMF), JSIG, NIST SP 800-53A security controls, and all applicable Security Technical Implementation Guides (STIGs). oWorking experience with eMASS is desired.oExperience using Agile backlog management tool(s), preferably JIRA#techjobs #Clearance #DISACESO
Job Summary:
Required Skills:- Five to 10 years of experience as an ISSO, ISSM, or CISO for one or more federal information systems.- Strong familiarity with RMF, as established by the Federal Information Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) FIPS 199/200 and Special Publications.- Experience with the Federal Risk and Authorization Management Program (FedRAMP).- Senior level of experience in engineering information systems, as well as working knowledge of current technologies.- Strong preference for a Certified Information Systems Security Professional (CISSP), or ability to obtain certification within six months of hiring. Alternatively, an existing Certified Authorization Professional (CAP) certification is acceptable.- Excellent verbal and written communication skills, with the ability to state messages in a clear and concise manner.- Strong consulting skills, with experience presenting to executives.- Ability to multi-task, prioritize, and re-prioritize work in a fast-paced environment.- Ability to learn an application environment in order to update or create supported security documentation.- Experience in accreditation and assuring the system is compliant with all required security controls as defined by agency policies.- Ability to support the ISO in selecting security controls for the information system.- Experience in reviewing proposed change requests related to system design/configuration and performing security impact analysis.- Experience in reviewing monthly vulnerability scan reports, and tracking and addressing weaknesses in POA&Ms as needed.- Preferred experience using the Cyber Security Assessment and Management (CSAM) system or similar tools.- Experience with vulnerability scanning and assessments.Desired Skills:- Demonstrated ability to build trusted advisor relationships with clients- Experience supporting sales and business development- Experience with financial management
Education and Experience Requirements:
#SAPCIO #SecurityOfficer #InformationSecurityAnalyst #DirectorOfSecurity #InformationSpecialist #InformationSystemsManager #TechnologySpecialist #TechnicalAnalyst #SupportSpecialist #SecuritySupervisor #IntelligenceAnalyst #LeadSecurityOfficer #ControlOfficer #SafetyAndSecurityOfficer #SecurityEngineer #ITjobSAPCIO
MAXIMUS Introduction:
Since 1975, Maximus has operated under its founding mission of Helping Government Serve the People, enabling citizens around the globe to successfully engage with their governments at all levels and across a variety of health and human services programs. Maximus delivers innovative business process management and technology solutions that contribute to improved outcomes for citizens and higher levels of productivity, accuracy, accountability and efficiency of government-sponsored programs. With more than 30,000 employees worldwide, Maximus is a proud partner to government agencies in the United States, Australia, Canada, Saudi Arabia, Singapore and the United Kingdom. For more information, visit
EEO Statement:
Since 1975, Maximus has operated under its founding mission of Helping Government Serve the People, enabling citizens around the globe to successfully engage with their governments at all levels and across a variety of health and human services programs. Maximus delivers innovative business process management and technology solutions that contribute to improved outcomes for citizens and higher levels of productivity, accuracy, accountability and efficiency of government-sponsored programs. With more than 30,000 employees worldwide, Maximus is a proud partner to government agencies in the United States, Australia, Canada, Saudi Arabia, Singapore and the United Kingdom. For more information, visit
Pay Transparency:
Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation.
Posted Min:
USD $150,000.00/Yr.
Posted Max:
USD $180,000.00/Yr.
]]>
Description: Do you love protecting our country from cyber-attacks? We have an exciting cybersecurity ISSO role open for a DoD client for TS/SCI cleared candidates. The ISSO will work with the compliance and risk management team to: •Verify data security access controls based on the Joint Special Access Program Implementation Guide (JSIG).•Verify data security access controls and assign privileges based on need-to-know.•Responsible for creation and management of Body of Evidence (BOE)•Maintain privilege access control logs•Creation and management of Interconnection Security Agreements (ISA)•Track vulnerabilities by creating Plan of Action and Milestones (POA&M)•Manage the configuration and documentation contained in the program's instance of Enterprise Mission Assurance Support Services (eMASS).•Demonstrate a detailed ability to prepare reports identifying the results of compliance and performance tests.•Develops and implements information assurance/security standards and procedures.•Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands•Supports customers at the highest levels in the development and implementation of doctrine and policies.Required Skills:Active TS/SCI clearance in DISSVerify data security access controls based on the Joint Special Access Program Implementation Guide (JSIG Verify data security access controls and assign privileges based on need-to-know.Apply and maintain required confidentiality controls and processes.Execute processes and procedures for protecting CUI, SAP, SCI, and PII.Responsible for creation and management of Body of Evidence (BOE)Maintain privilege access control logsCreation and management of Interconnection Security Agreements (ISA)Track vulnerabilities by creating Plan of Action and Milestones (POA&M)Manage the configuration and documentation contained in the program's instance of Enterprise Mission Assurance Support Services (eMASS).Demonstrate a detailed ability to analyze events or test results and prepare a POA&M.Other ISSO specific functions include:Develops and implements information assurance/security standards and procedures.Reviews information assurance/security solutions to support customers' requirements.Supports customers at the highest levels in the development and implementation of doctrine and policies.Years of Experience: 5+ YearsMinimum Education Required: Bachelor's DegreeMust Have Active TS/SCI Clearance in DISSDue to federal client requirements, only US Citizens can be considered.Candidates must have a Security+ certification, plus be able to obtain a Certified Information Systems Security Professional (CISSP) or similar certification for IAT Level III per 8570 Cyber Workforce Requirements within 6 months of hire dateDesired Skills:o In addition to the required skills for this position, a qualified candidate for this position will demonstrate a combination of training and hands-on experience in many of the operational and technical skills listed below:o 5+ years of experience to include Information Assurance (IA) experience with a large, complex programs.oThe ISSO shall have at least five years' experience in planning, documenting, and resolving security and information assurance issues on a technical program.oThe ISSO candidate should have a good understanding of Department of Defense (DoD) Risk Management Framework (RMF), JSIG, NIST SP 800-53A security controls, and all applicable Security Technical Implementation Guides (STIGs). oWorking experience with eMASS is desired.oExperience using Agile backlog management tool(s), preferably JIRA#techjobs #Clearance #DISACESO
Job Summary:
Required Skills:- Five to 10 years of experience as an ISSO, ISSM, or CISO for one or more federal information systems.- Strong familiarity with RMF, as established by the Federal Information Security Management Act (FISMA), and National Institute of Standards and Technology (NIST) FIPS 199/200 and Special Publications.- Experience with the Federal Risk and Authorization Management Program (FedRAMP).- Senior level of experience in engineering information systems, as well as working knowledge of current technologies.- Strong preference for a Certified Information Systems Security Professional (CISSP), or ability to obtain certification within six months of hiring. Alternatively, an existing Certified Authorization Professional (CAP) certification is acceptable.- Excellent verbal and written communication skills, with the ability to state messages in a clear and concise manner.- Strong consulting skills, with experience presenting to executives.- Ability to multi-task, prioritize, and re-prioritize work in a fast-paced environment.- Ability to learn an application environment in order to update or create supported security documentation.- Experience in accreditation and assuring the system is compliant with all required security controls as defined by agency policies.- Ability to support the ISO in selecting security controls for the information system.- Experience in reviewing proposed change requests related to system design/configuration and performing security impact analysis.- Experience in reviewing monthly vulnerability scan reports, and tracking and addressing weaknesses in POA&Ms as needed.- Preferred experience using the Cyber Security Assessment and Management (CSAM) system or similar tools.- Experience with vulnerability scanning and assessments.Desired Skills:- Demonstrated ability to build trusted advisor relationships with clients- Experience supporting sales and business development- Experience with financial management
Education and Experience Requirements:
#SAPCIO #SecurityOfficer #InformationSecurityAnalyst #DirectorOfSecurity #InformationSpecialist #InformationSystemsManager #TechnologySpecialist #TechnicalAnalyst #SupportSpecialist #SecuritySupervisor #IntelligenceAnalyst #LeadSecurityOfficer #ControlOfficer #SafetyAndSecurityOfficer #SecurityEngineer #ITjobSAPCIO
MAXIMUS Introduction:
Since 1975, Maximus has operated under its founding mission of Helping Government Serve the People, enabling citizens around the globe to successfully engage with their governments at all levels and across a variety of health and human services programs. Maximus delivers innovative business process management and technology solutions that contribute to improved outcomes for citizens and higher levels of productivity, accuracy, accountability and efficiency of government-sponsored programs. With more than 30,000 employees worldwide, Maximus is a proud partner to government agencies in the United States, Australia, Canada, Saudi Arabia, Singapore and the United Kingdom. For more information, visit
EEO Statement:
Since 1975, Maximus has operated under its founding mission of Helping Government Serve the People, enabling citizens around the globe to successfully engage with their governments at all levels and across a variety of health and human services programs. Maximus delivers innovative business process management and technology solutions that contribute to improved outcomes for citizens and higher levels of productivity, accuracy, accountability and efficiency of government-sponsored programs. With more than 30,000 employees worldwide, Maximus is a proud partner to government agencies in the United States, Australia, Canada, Saudi Arabia, Singapore and the United Kingdom. For more information, visit
Pay Transparency:
Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation.
Posted Min:
USD $150,000.00/Yr.
Posted Max:
USD $180,000.00/Yr.
]]>
Report this job