IT Security Specialist 4

MAXIMUS is a leading operator of government health and human services programs and has partnered with state, federal and local governments to provide critical, high quality health and human service programs to a diverse array of communities. Operating under MAXIMUS's founding mission of Helping Government Serve the People since 1975, MAXIMUS Federal Services is entirely focused on helping government agencies run programs cost-effectively and serve program constituents with improved outcomes. By being a responsible steward for government programs, we help the federal government deliver on its promises through our people, process and technology. Our focus is always on outcomes and results that connect citizens more effectively with government services.

The MAXIMUS SMOMS team supports operations at the NOAA Environmental Satellite Processing Center. We are responsible for ensuring reliable operation of the systems that decode the data coming from weather satellites, make images, perform scientific analyses to make higher level products, and make these products available to National Weather Service (NWS) local forecast offices, NWS supercomputers running advanced numerical models, and a host of other users at NOAA, other government agencies, international users and more.

The candidate will directly support the IT Security organization by performing activities required for Security Control Audits (SCAs), Authorization and Accreditation activities, responding to Plans Of Action and Milestones (POA&Ms), and other security functions as needed.

Essential Job Duties:

- Plan, prepare, and participate in authorization and accreditation (A&A) activities
- Plan, prepare, and participate in Security Control Audits (SCAs) activities
- Gather artifacts, review information in response to Plans Of Action and Milestones (POA&Ms)
- Develop, review and produce Standard Operating Procedures (SOPs) and other project documentation
- Attend security and other project meetings and report statuses
- Review, analyze, and evaluate business systems and user needs, specifically in Authorization and Accreditation (A&A) (security requirements and documentation support for Office of Satellite and Product Operations OSPO systems) and Plans of Action and Milestones (POA&Ms) management
- Interact on a daily basis with the SMOMS PMO, Operations and IT Security teams to address the needs in the areas of A&A and POA&M remediation
- Write, edit, and/or manage a wide variety of IT Security documentation, and be familiar with federal IT standards such as the Federal Information Security Management Act (FISMA), Federal Information Processing Standards (FIPS), NIST Special Publications (SPs), and especially NIST SP 800-37 Rev 1 (Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach)
- Manage internal audits of the systems prior to third party audits
- Maintain work schedules that align with deliverables specified in the contract
- Interview subject matter experts and use analytics and critical thinking to develop, edit, and/or revise a wide variety of documentation including standard operating procedures, system security plans, and policies and procedures, among others, and produce or edit technical drawings using MS Visio or similar design tools
- Use experience and judgment to consult with engineers, system administrators, and programmers in the preparation and revision of technical documentation for existing and new data products
- Provide ITSEC SME support for the management of the Office of Satellite and Product Operations (OSPO) documentation electronic library

Education and Experience Requirements:

- Bachelor's Degree from an accredited college or university required; equivalent work experience will be considered in lieu of degree
- At least ten (10) years of IT security experience required
- Proficiency in Microsoft Office suite (Word, Excel, PowerPoint, Visio and Project)
- Strong verbal and written communication skills
- Strong analytical, critical thinking, and problem-solving skills
- Must be organized, timely, and customer service oriented
- Ability to work well independently and in a team setting
- Adaptability, flexibility and ability to deal with ambiguous and dynamic requirements
- Excellent oral and written communication and customer service skills
- Excellent attention to detail and analytical skills

Preferred Experience:

- Knowledge of Federal NIST Standards
- Utilization of scanning products such as Nessus, Retina, and Core Impact
- FIPS 140-2, 199, 200
- NIST 800-37 Rev 1 (DIACAP, NIACAP or similar products)
- NIST 800-53 REV 4
- FISMA A&A continuous monitoring
- Providing FISMA Vulnerability and Compliance Scanning
- A&A Core Documentation development (i.e. SSP, CP/BIA)
- Assessing and maintaining security controls for a FIPS 199 High Category federal information system
- Security Repository Tools such as Cyber Security Assessment and Management (CSAM) or Trusted Agent FISMA (TAF)
- Experience working in, or implementing, an IT Security program in the Department of Commerce or the National Oceanic and Atmospheric Administration

Additional Requirements as per Contract/Client:

- Ability to maintain a Public Trust, eligibility suitability for employment
- United States Citizenship required

A committed and diverse workforce is our most important resource. MAXIMUS is an Affirmative Action/Equal Opportunity Employer. MAXIMUS provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.