Information System Security Engineer

Description & Requirements

Maximus is seeking a highly skilled Information Systems Security Engineer (ISSE) with specialized expertise in Everfox to join our team in Arlington, VA.

The ideal candidate will excel in the technical aspects of security, including the design, implementation, and maintenance of security solutions within a highly classified hybrid environment.

This role requires a deep understanding of the configuration and management of security tools in accordance with the Joint Special Access Program (SAP) Implementation Guide (JSIG).

The successful candidate will be a proactive problem-solver, an effective communicator, and a collaborative team player dedicated to maintaining robust security postures.

Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS034, T4, Band 7

Key Responsibilities:

• Technical Security Expertise:

- Provide technical expertise in the design, implementation, and maintenance of security solutions.

- Ensure that security measures are integrated into the information system throughout its lifecycle.

• Configuration and Management of Security Tools:

- Configure, administer, and maintain security tools, including Everfox, ACAS, Splunk, Enterprise Security Suite (ESS), and other cyber tools to ensure compliance with security policies and standards.

- Implement and manage Security Technical Implementation Guides (STIGs) and other security configurations in accordance with the JSIG.

- Operate and maintain (O&M) security assets, including Security Information and Event Management (SIEM) systems, Intrusion Detection Systems (IDS), Data Loss Prevention (DLP) tools, and security audit log repositories and databases.

• Collaboration and Support:

- Work closely with the Information System Security Manager (ISSM), Information System Security Officer (ISSO), and other stakeholders to ensure that security measures align with overall security policies.

- Support Cyber Analysts by providing technical configurations and data necessary for security assessments and incident response.

- Support detailed reporting and documentation of security assessments, configurations, and incidents.

• Documentation and Compliance:

- Generate and maintain documentation required for RMF processes, including SOPs, security plans, risk assessments, and Plans of Action and Milestones (POA&M).

- Ensure compliance with JSIG and other relevant security standards and policies.

• Continuous Improvement and Training:

- Stay updated with the latest security trends, tools, and best practices.

- Continuously improve security measures and practices to address emerging threats and vulnerabilities.

- Provide training and guidance to team members on security tools and practices.

Minimum Requirements:

• Per contract requirements candidates must possess an active TS/SCI clearance with the ability to obtain CI Poly.

• A Bachelor's degree in a relevant field (e.g., Computer Science, Information System...