IT Spec - Cyber Sec Arch

Description & Requirements

MAXIMUS is a leading operator of government health and human services programs and has partnered with state, federal and local governments to provide critical, high quality health and human service programs to a diverse array of communities.

Operating under MAXIMUS's founding mission of Helping Government Serve the People® since 1975, MAXIMUS Federal Services is entirely focused on helping government agencies run programs cost-effectively and serve program constituents with improved outcomes.

By being a responsible steward for government programs, we help the federal government deliver on its promises to our people.

We are seeking an experienced Senior Security Engineer to join our team.

As a Senior Security Engineer, you will be responsible for designing, implementing, and maintaining security infrastructure and systems.

Your role will involve conducting security assessments, managing security incidents, and providing technical expertise to enhance the overall security posture of systems and networks.

Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS032, T2, Band 5

Specific Responsibilities:
• Design, implement, and maintain the organization's security infrastructure, including firewalls, intrusion detection/prevention systems (IDS/IPS), data loss prevention (DLP), and security information and event management (SIEM) systems.

• Conduct security assessments and penetration testing to identify vulnerabilities and develop mitigation strategies.

• Develop and maintain security policies, procedures, and standards in compliance with industry best practices and regulatory requirements.

• Develop and track Plan of Action and Milestones (POA&Ms) to address identified security vulnerabilities and compliance gaps

• Support DevSecOps initiatives by developing and implementing test-driven security within a CI/CD pipeline

• Work and support Authorization to Operate (ATOs, cATOs)

• Conduct research on emerging threats, vulnerabilities, and technologies to stay updated on the evolving security landscape.

• Participate in incident response activities, including forensic analysis, evidence gathering, and reporting.

Required Skills:

• Bachelor's degree: additional experience would be considered in lieu of degree

• 7+ years of experience as a Security Engineer or in a related field.

• Per contract requirements candidates must possess an active Secret Clearance

• Must be based around the Colorado Springs, Colorado area and be available for on-site work.

Desired Skills:

• Certification in Cisco Certified Network Professional (CCNP) OR Cisco Certified Design Expert (CCDE), OR Cisco Certified Internetwork Expert (CCIE)

• Relevant experience and certifications (e.g., CISSP, CISM, GIAC) are preferred

• Familiarity with security compliance frameworks, such as NIST, ISO 27001, and GDPR.

• Excellent scripting and automation skills, with proficiency in scripting ...