Analyst - ISSO (Remote)

Description & Requirements

Since 1975, Maximus has operated under its founding mission of Helping Government Serve the People, enabling citizens around the globe to successfully engage with their governments at all levels and across a variety of health and human services programs.

Maximus delivers innovative business process management and technology solutions that contribute to improved outcomes for citizens and higher levels of productivity, accuracy, accountability and efficiency of government-sponsored programs.

With more than 30,000 employees worldwide, Maximus is a proud partner to government agencies in the United States, Australia, Canada, Saudi Arabia, Singapore and the United Kingdom.

For more information, visit https://www.maximus.com.

The Maximus Analyst (ISSO) will work directly with the Maximus ISO Federal Director to identify and manage implementation of security policies, standards, and procedures that support customers with federal requirements to include FISMA, applicable FAR Clauses, Executive Orders, and OMB's specific to systems assigned.

The primary role of the ISSO will be the oversight of implementation of FedRAMP Moderate controls for Maximus FedRAMP systems and the management, and administration of a System Security Plan (SSP) to include all required artifacts needed for ATO continuous monitoring in accordance with agency specific and contractual requirements.

This role will support the primary ISSO for Maximus Cloud.

Additional Requirements as per contract/client:

Candidates must be a US Citizen

Candidates must be clearable

Essential Duties and Responsibilities:

- Develop and manage system documentation and artifacts to include policies, procedures, SSP, CMP, CP, and Plan of Actions and Milestones (POA&Ms) and maintain knowledge library and documentation of Standard Operation Procedures (SOPs).

- Facilitate assessment and remediation of monthly compliance scan reports and weekly vulnerability scans for compliance to FedRAMP requirements for cloud security offerings and non-cloud systems and applications.

- Create reports used to evaluate trends to support continuous improvement initiatives.

- Manages vulnerability management program for mission-critical IT System Components; review IPS logs, audit logs (system/application) weekly.

- Assess data derived from project and systems performance management processes and identify gaps.

- Perform quality assurance of work products delivered by Info Sec, IT and Project Management team members and service providers.

- Analyze system data and performance reports to support identification of trends and business impact.

- Facilitate daily meetings with all levels within the organization.

- Develop working relationships with management, staff, stakeholders, and partners.

- Manage the activities of the project in accordance with established policies and procedures.

Project Responsibilities



* Create and manage System Security Plan and creation and or validation...