Security Analyst

Description & Requirements

Maximus has an exciting opportunity to join their team supporting a Federal financial client.

As a Security Analyst you will have the chance to:

• Proactively monitor vulnerability scans from multiple Security tools, ensuring identification as early as possible and generating remediation tickets in Jira

• Support end-to-end ownership of security vulnerabilities from identification through deployment

• Actively engage with client stakeholders (IT and Security Teams), leading discussions and communication on status and remediation for vulnerabilities stemming from injection threats, authentication and access control, data handling, configuration issues, and outdated software,

• Perform evaluations of vulnerability findings to include the ability to effectively detect false positives produced from security scanning tools, and validate the remediation steps performed by development and infrastructure teams

• Conduct investigations into security vulnerabilities and develop remediation actions that a developer or engineer could use in the mitigation of the threat

• Develop and update required security-related documents (System Security Plan, Security Impact Analysis, Privacy Impact Analysis, etc.) and lead cross-team collaboration to fulfill CIO security policies as needed

Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS056, T2, Band 5

Minimum Requirements:

• Due to Fedderal requirements, all candidates must be US citizens and be able to pass a clearance process for a position of Public Trust

• 3+ years of direct experience in IT (preferably Security focused)

• Scripting experience in one or more of the following: Bash, Python, PowerShell

• Operating Systems Experience: Both Linux/Unix and Windows

• Experience reviewing findings in one or more of the following scanning tools: Tenable, BurpSuite, RedHat ACS, Veracode, Contrast, Imperva or similar scanning tools

• Certifications (one or more): Security+, A+, Network+, Certified Ethical Hacker (CEH)

• Excellent analytical and problem-solving skills, particularly as it applies to IT security

• Excellent time management and organizational skills, and ability to handle multiple concurrent tasks and projects with minimal supervision

• Proven ability to coordinate vulnerability fixes across development and infrastructure teams to reach an issue resolution in a timely manner

• Demonstrated ability to build trusted advisor relationships with clients

• Experience leading oral presentations to IT Security stakeholders and senior leadership

• Proficient with technical documentation, especially with experience in write-ups on IT Security topics

Minimum Requirements

TCS056, T2, Band 5

Preferred Key Skills and Abilities:

• Advanced Excel knowledge (i.e.

vlookups, pivot tables)

• Ability to work with Business Intelligence developers in providing requirements for systems and dashboards that norm...