Cybersecurity Lead

Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS040, T4, Band 7

Job-Specific Essential Duties and Responsibilities:

- Leads and oversees all cybersecurity and information assurance activities across TSA's 24/7/365 enterprise IT and OT environments, ensuring systems and data remain secure, compliant, and operationally resilient across on-premises, cloud, and hybrid platforms.

- Provides hands-on technical oversight for vulnerability management, POA&M remediation, configuration hardening, and security control implementation, actively guiding technical decisions and validating remediation actions for high-risk findings.

- Directs operational cybersecurity support activities, including execution of immediate response actions during security incidents such as access restrictions, system isolation, account actions, and risk mitigation as directed by TSA authorities.

- Serves as the primary cybersecurity coordination lead with TSA SOC, ISSOs, and other designated security personnel, ensuring incident response activities are aligned, timely, documented, and fully auditable.

- Manages and mentors cybersecurity staff, setting priorities, assigning work, and ensuring adequate coverage to support continuous operations while maintaining strong knowledge transfer and succession planning.

- Oversees FISMA compliance activities, including vulnerability scanning support, POA&M management, compliance reporting, and delivery of required inputs for TSA and DHS cybersecurity scorecards and audits.

- Ensures cybersecurity requirements are integrated into daily operations, change management, patching, cloud services, and system lifecycle activities, reducing operational risk and preventing security gaps.

- Maintains complete, accurate, and audit-ready cybersecurity documentation, artifacts, and reports, and supports continuous improvement of cybersecurity processes, tools, and operational practices.

- Develops a set of security standards and best practices for the organization and recommend security enhancements to management as needed.

- Develops strategies to respond to and recover from a security breach.

Install and use software, such as firewalls and data encryption programs, to protect organizations' sensitive information.

- Conducts periodic scans of networks to find any vulnerability and conducts penetration testing to highlight or find any weaknesses that might be exploited by a malicious party.

Job-Specific Minimum Requirements:

- Bachelor's degree in a related discipline; relevant experience may be substituted in lieu of a degree.

- 7+ years of required work-related experience.

- This role is hybrid and may be based out of either the Springfield, VA or Stennis, MS location, with an anticipated requirement to work on-site approximately 50% of the time and occasional travel to other site locations, based on customer needs.

- Active Secret Clearance.

Preferred Skills and Qualifications:

- Experience with IT Se...