Information System Security Manager (ISSM)
Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS040, T4, Band 7
Job-Specific Essential Duties and Responsibilities:
Information Security Program Development:
- Develop, implement, and maintain a comprehensive information security program that includes policies, procedures, and guidelines to protect the organization's information assets.
- Regularly review and update the information security program to ensure it remains effective and aligned with industry best practices and regulatory requirements.
Regulatory Compliance:
- Ensure that the organization's information systems comply with all applicable security regulations and standards, including NIST, FISMA, and the Joint Special Access Program Implementation Guide (JSIG).
- Conduct regular audits and assessments to verify compliance and address any identified gaps.
Security Controls Implementation:
- Lead the implementation and maintenance of security controls, such as access controls, data encryption, and vulnerability management.
- Collaborate with IT and other departments to integrate security controls into existing and new systems.
Incident Response Management:
- Manage the organization's security incident response process, including the investigation of security incidents and coordination with internal and external stakeholders to resolve incidents.
- Develop and maintain an incident response plan, conduct regular drills, and ensure all relevant personnel are trained on incident response procedures.
Technical Guidance and Support:
- Provide guidance and support to technical teams in the development and implementation of security solutions and technologies.
- Stay current with emerging security trends, threats, and technologies to provide informed recommendations.
Risk Assessment and Mitigation:
- Conduct security risk assessments to identify potential threats and vulnerabilities.
- Develop and implement risk mitigation strategies to address identified risks, including the creation of risk management plans and the prioritization of security initiatives.
Documentation and Compliance:
- Generate and maintain documentation required for Risk Management Framework (RMF) processes, including Standard Operating Procedures (SOPs), security plans, risk assessments, and Plans of Action and Milestones (POA&M).
- Ensure compliance with the Joint Special Access Program Implementation Guide (JSIG) and other relevant security standards and policies.
External Stakeholder Engagement:
- Represent the organization in meetings and communications with external stakeholders, including government agencies, auditors, and vendors.
- Prepare and present security reports and updates to senior management and external parties as required.
Continuous Improvement:
- Continuously monitor and evaluate the effectiveness of the information security program and make improvements as necessary.
- Foster a culture of continuous improvement by encouraging feedback and coll...
- Rate: Not Specified
- Location: Arlington, US-VA
- Type: Permanent
- Industry: Finance
- Recruiter: Maximus
- Contact: Not Specified
- Email: to view click here
- Reference: 39915
- Posted: 2026-05-28 08:27:46 -
- View all Jobs from Maximus
More Jobs from Maximus
- Sr Buyer and Category Leader
- Senior Manager of Global Benefits
- Multi-Craft Maintenance Technician
- Inside Sales Supervisor
- Senior Risk Analyst
- Industrial Electrical Technician - Talladega, AL
- Production Supervisor
- Process Engineer
- Safety Specialist
- Customer Account Coordinator
- Upstream Seed Treatment Key Account Manager
- Project Manager - Mount Jewett
- Field Services Recruiter
- Quality Technician
- Lab Technician
- Data Platform & Engineering Specialist
- Sr. Valve Engineer
- Field Sales Executive - Adelaide
- Optical Supervisor - The Promenade at Westlake
- Optometrist, PT - Annapolis Town Center