Talent.com
Lead Analyst - Info Sec
Lead Analyst - Info SecMAXIMUS • Detroit, MI, United States
Lead Analyst - Info Sec

Lead Analyst - Info Sec

MAXIMUS • Detroit, MI, United States
1 day ago
Job type
  • Full-time
Job description

Description & Requirements

The Maximus DoD Cloud Information Systems Security Officer (ISSO) will work directly with the Maximus Federal Business Information Security Officer (BISO) to identify and manage implementation of security policies, standards, and procedures that support federal customers with federal requirements to include FISMA, applicable FAR and DFAR Clauses, Executive Orders, and OMB's applicable to IL5 Cloud Environments. The primary role of the ISSO will be the creation, management, and administration of a System Security Plan (SSP) to include all required artifacts needed to obtain a DISA IL5 certification and to maintain compliance with NIST 800-53 and associated NIST 800 series publications. The ISSO will be responsible for all continuous monitoring of the IL5 environment supporting federal customers and will be the SME for control management and the establishment of Inheritance which will be used to support future DoD projects

Essential Duties and Responsibilities :

  • Performs application vulnerability assessments to identify application vulnerabilities.
  • Performs network vulnerability assessments to identify host vulnerabilities.
  • Identifies, analyzes, and prioritizes vulnerability findings.
  • Analyzes system configurations to identify possible security gaps andor compliance violations.
  • Establishes collaborative working relationships with internal resources to provide security assessments, reports, and recommendations.
  • Performs other related duties as assigned.

Additional Duties and Responsibilities :

  • Create and manage System Security Plan and creation and or validation of all associated artifacts required to obtain DISA IL5 certification as well as NIST 800-53 compliance to include but not limited to a System Level Continuous Monitoring (SLCM) Strategy, HW / SW lists, Information Flow Diagrams, System Categorization Forms, System Topologies, Configuration Management Plan, Configuration Control Board (CCB) Charter, System and Services Acquisition Plan, System and Information Integrity Plan, System and Communication Protection Plan, Security Assessment and Authorization Plan, Risk Assessment Plan, Program Management Plan, Security Planning, Physical and Environmental Protection Plan, Personnel Security Plan, Media Protection Plan, Identification and Authentication Plan, Contingency Plan, Audit and Accountability Plan, Security Awareness and Training Plan, Incident Response Plan, Access Control Plan, Risk Assessment Review (RAR) and Plan of Action and Milestone (POA&M).
  • Liaison with Maximus Federal business units, Maximus Corporate business units, and external stakeholders to ensure all legal and contractual requirements pertaining to cybersecurity, physical security, and Information Assurance are being met.
  • Communicate federal requirements to Maximus Information Security Office (ISO) and advise implementation of applicable security controls and hardening standards to governance and technical teams.
  • Assist the BISO and ISO Team in the identification and assignment of control owners throughout the organization and continually review controls on organizationally defined periodicities.
  • Actively collaborate with Maximus Threat and Vulnerability Management (TVM) Team to ensure applicable technologies are compliant with defined remediation timelines and hardening standards via enterprise vulnerability management tools.

    • Minimum Requirements

  • Please refer to the additional information section of the job requisition for this opening to determine clearance eligibility required.
  • Bachelor's Degree
  • 7-10 years of security or technology related experience
  • Professional certifications, such as Security+, CEH, or CISSP, desirable
  • Knowledge of IPv4 network architecture and core services
  • Knowledge of web application development and architecture
  • Knowledge of network security controls
  • Knowledge of vulnerability management
  • Experience with dynamic application security testing (DAST) tools
  • Experience with vulnerability management (VM) tools
  • Familiarity with OWASP Top 10
  • Familiarity with WASC Threat Classification
  • Familiarity with CVE
  • Familiarity with NIST SP 800-53
  • Experience with automated service ticketing systems
  • Excellent analytical, decision-making, and problem-solving skills
  • Ability to communicate technical information in understandable business terms
  • Excellent interpersonal skills, presentation skills, and verbal / written communication skills
  • Strong customer service abilities required.
  • Ability to work collaboratively with a broad range of staff. Skilled in Microsoft Office software including Word, Excel, Visio, MS Project, and PowerPoint
  • Ability to perform comfortably in a fast-paced, deadline-oriented work environment
  • Ability to execute many complex tasks simultaneously, and work as a team member as well as independently

    • Additional Minimal Requirements :

  • Have a DoD secret clearance status or eligible to obtain secret clearance status.
  • DISA IL5 Certification Experience
  • Strong understanding of federal and DoD requirements to include but not limited to applicable Executive Orders, FISMA, FIPS, CMMC, NIST 800-171, NIST 800-60, NIST 800-65, SCRM, FedRAMP, DODI 8500s, 8500.2s, and 8510s.
  • Experience with GRC tools (eMASS, CFACTS, CSAM).
  • Experience developing SSP's and applicable artifacts required for A&A activities.
  • Experience with STIG compliance.
  • Experience with vulnerability management and assessment via Qualys and Tenable.
  • Works on complex issues where analysis of situations or data requires an in depth evaluation of variable
  • Exercises judgement in selecting methods, techniques, and evaluation criteria for obtaining results.
  • Networks with key contacts outside own area of expertise.
  • Develops solutions to a variety of complex problems.
  • Work requires considerable judgment and initiative.

    • EEO Statement

    Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics.

    Pay Transparency

    Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.

    Accommodations

    Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at applicantaccommodations@maximus.com .

    Minimum Salary

    108,375.00

    Maximum Salary

    146,625.00

    Create a job alert for this search

    Analyst • Detroit, MI, United States

    Related jobs
    Information System Security Engineer (ISSE)

    Information System Security Engineer (ISSE)

    DCS Corporation • Sterling Heights, Michigan, US
    Temporary
    Work within a customer setting to establish and satisfy complex system-wide information security requirements based upon the analysis of user, policy, regulatory, and resource demands.Essential Job...Show more
    Last updated: 3 days ago • Promoted
    Data Governance Analyst

    Data Governance Analyst

    Old National Bank • Troy, MI, United States
    Full-time
    US-IL-Chicago | US-IN-Evansville | US-MN-Lake Elmo | US-MN-St Louis Park | US-IN-Indianapolis | US-KY-Louisville | US-WI-Milwaukee | US-MI-Troy | US-WI-Madison | US-TN-Nashville.Old National Bank h...Show more
    Last updated: 30+ days ago • Promoted
    Security Engineer

    Security Engineer

    RouteOne • Farmington Hills, MI, United States
    Full-time
    The Security Engineer is responsible for implementing proactive and responsive improvements in information security.The Security Engineer should understand common security controls and requirements...Show more
    Last updated: 30+ days ago • Promoted
    Data Integrity Compliance Lead

    Data Integrity Compliance Lead

    Zoetis, Inc • Detroit, MI, United States
    Full-time
    Preferred Kalamazoo, MI / US Eastern Time Zone, Remote will be considered.The Veterinary Medicine Research and Development (VMRD) Data Integrity Compliance Lead will serve as the organizational exper...Show more
    Last updated: 30+ days ago • Promoted
    Data Protection Engineer, Sr.

    Data Protection Engineer, Sr.

    Old National Bank • Troy, MI, United States
    Full-time
    US-IL-Chicago | US-IN-Evansville | US-MN-Lake Elmo | US-MN-St Louis Park | US-IN-Indianapolis | US-KY-Louisville | US-WI-Milwaukee | US-WI-Madison | US-MI-Troy | US-TN-Nashville.Old National Bank h...Show more
    Last updated: 30+ days ago • Promoted
    Principal Information Protection Specialist

    Principal Information Protection Specialist

    Fifth Third Bank • Detroit, MI, United States
    Full-time
    Make banking a Fifth Third better.We connect great people to great opportunities.Are you ready to take the next step? Discover a career in banking at Fifth Third Bank. The Information Protection Gov...Show more
    Last updated: 3 days ago • Promoted
    Mainframe Systems Programmer - Logical Security

    Mainframe Systems Programmer - Logical Security

    Ensono • Detroit, MI, United States
    Full-time
    Mainframe Systems Programmer - Logical SecurityRemote - United StatesJR012353.At Ensono, our Purpose is to be a relentless ally, disrupting the status quo and unleashing our clients to Do Great Thi...Show more
    Last updated: 1 day ago • Promoted
    Jira Lead Administrator

    Jira Lead Administrator

    Contact Government Services, LLC • Detroit, MI, US
    Full-time
    Employment Type : Full-Time, Mid Level.Department : Information Technology.CGS is seeking a talented Jira Lead Administrator who is passionate about driving transformation in the federal IT domain to...Show more
    Last updated: 18 days ago • Promoted
    Advanced Security Engineer - Cyber Security

    Advanced Security Engineer - Cyber Security

    Relativity • Detroit, MI, United States
    Full-time
    As an Advanced Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure.In this role, the main responsibilities will be to investigate and analyze emerging t...Show more
    Last updated: 30+ days ago • Promoted
    Information System Security Officer (ISSO)

    Information System Security Officer (ISSO)

    DCS Corporation • Sterling Heights, Michigan, US
    Full-time
    The Information Systems Security Officer (ISSO) will provide security engineering support for the design, development, fielding, and sustainment of embedded electronics systems for DoD ground vehic...Show more
    Last updated: 3 days ago • Promoted
    Info Sec Insider Threat Alst

    Info Sec Insider Threat Alst

    Old National Bank • Troy, MI, United States
    Full-time
    US-IL-Tinley Park | US-IL-Chicago | US-IN-Evansville | US-MN-Lake Elmo | US-MN-St Louis Park | US-IN-Indianapolis | US-KY-Louisville | US-WI-Milwaukee | US-MI-Troy | US-WI-Madison | US-TN-Nashville...Show more
    Last updated: 30+ days ago • Promoted
    ETL Solutions Architect

    ETL Solutions Architect

    Global Connect Technologies • Dearborn, MI, US
    Full-time
    The Solution Architect will be responsible for designing, overseeing, and ensuring the successful implementation of data integration pipelines and executive dashboards. This role requires close coll...Show more
    Last updated: 24 days ago • Promoted
    System Security Engineer (SSE)

    System Security Engineer (SSE)

    DCS Corporation • Sterling Heights, Michigan, US
    Full-time
    System Security Engineer (SSE)will provide technical support to formally register Department of Defense (DoD) acquisition programs with their applicable cybersecurity program(s).SSE will assist in ...Show more
    Last updated: 3 days ago • Promoted
    Veeva RIM Administrator

    Veeva RIM Administrator

    Syneos Health / inVentiv Health Commercial LLC • Detroit, MI, United States
    Full-time
    Syneos Health is a leading fully integrated biopharmaceutical solutions organization built to accelerate customer success. We translate unique clinical, medical affairs and commercial insights into ...Show more
    Last updated: 7 days ago • Promoted
    Mainframe Systems Programmer Logical Security

    Mainframe Systems Programmer Logical Security

    Ensono • Detroit, MI, United States
    Full-time
    We are seeking a skilled Mainframe Systems Programmer with 5+ years of experience in mainframe security, specifically with RACF. The ideal candidate will have hands-on experience in administering lo...Show more
    Last updated: 1 day ago • Promoted
    Principal IAM Security Engineer & Architect

    Principal IAM Security Engineer & Architect

    WPS Health Solutions • Detroit, MI, United States
    Full-time
    Principal Identity and Access Management (IAM) Security Engineer & Architect.WPS assets and works with key business partners, developers, vendors, and security engineers to align our IAM Program wi...Show more
    Last updated: 2 hours ago • Promoted • New!
    Principal Information Security Engineer

    Principal Information Security Engineer

    Fifth Third Bank • Detroit, MI, United States
    Full-time
    Make banking a Fifth Third better.We connect great people to great opportunities.Are you ready to take the next step? Discover a career in banking at Fifth Third Bank. The Principal Information Secu...Show more
    Last updated: 30+ days ago • Promoted
    Cyber IT Audit Senior Consultant

    Cyber IT Audit Senior Consultant

    Plante Moran • Southfield, MI, United States
    Full-time
    Our "we-care" culture is more than just a motto; it's a promise.From day one, we prioritize your growth, well-being, and success. You can count on us to support your career journey and help you achi...Show more
    Last updated: 30+ days ago • Promoted