Information System Security Manager (ISSM)
Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS040, T4, Band 7
Job-Specific Essential Duties and Responsibilities:
Information Security Program Development:
- Develop, implement, and maintain a comprehensive information security program that includes policies, procedures, and guidelines to protect the organization's information assets.
- Regularly review and update the information security program to ensure it remains effective and aligned with industry best practices and regulatory requirements.
Regulatory Compliance:
- Ensure that the organization's information systems comply with all applicable security regulations and standards, including NIST, FISMA, and the Joint Special Access Program Implementation Guide (JSIG).
- Conduct regular audits and assessments to verify compliance and address any identified gaps.
Security Controls Implementation:
- Lead the implementation and maintenance of security controls, such as access controls, data encryption, and vulnerability management.
- Collaborate with IT and other departments to integrate security controls into existing and new systems.
Incident Response Management:
- Manage the organization's security incident response process, including the investigation of security incidents and coordination with internal and external stakeholders to resolve incidents.
- Develop and maintain an incident response plan, conduct regular drills, and ensure all relevant personnel are trained on incident response procedures.
Technical Guidance and Support:
- Provide guidance and support to technical teams in the development and implementation of security solutions and technologies.
- Stay current with emerging security trends, threats, and technologies to provide informed recommendations.
Risk Assessment and Mitigation:
- Conduct security risk assessments to identify potential threats and vulnerabilities.
- Develop and implement risk mitigation strategies to address identified risks, including the creation of risk management plans and the prioritization of security initiatives.
Documentation and Compliance:
- Generate and maintain documentation required for Risk Management Framework (RMF) processes, including Standard Operating Procedures (SOPs), security plans, risk assessments, and Plans of Action and Milestones (POA&M).
- Ensure compliance with the Joint Special Access Program Implementation Guide (JSIG) and other relevant security standards and policies.
External Stakeholder Engagement:
- Represent the organization in meetings and communications with external stakeholders, including government agencies, auditors, and vendors.
- Prepare and present security reports and updates to senior management and external parties as required.
Continuous Improvement:
- Continuously monitor and evaluate the effectiveness of the information security program and make improvements as necessary.
- Foster a culture of continuous improvement by encouraging feedback and coll...
- Rate: Not Specified
- Location: Arlington, US-VA
- Type: Permanent
- Industry: Finance
- Recruiter: Maximus
- Contact: Not Specified
- Reference: 39915
- Posted: 2026-05-28 08:27:46