Security Manager; FISMA, ATO

All Jobs >
Security Manager (FISMA, ATO)

Fully Remote
• Remote - Washington DC/Baltimore MD Metro Area (DMV), MD

Full-time

NOTE: This opportunity is open to full-time employment (no C2C or 1099 engagements, please). The candidate MUST be a U.S. Citizen or a Permanent Resident (Green Card Holder). This is a remote opportunity and the candidate MUST reside in the United States.

• Responsible for developing and maintaining internal policies and procedures and coordinating efforts to ensure compliance with all applicable federal regulations.
• Lead activities to support HIPAA compliance and alignment with NIST 800 standards, ensuring our systems remain secure and audit ready.
• Evaluating internal and external agreements, creating and maintaining compliance documentation, and overseeing program activities to verify that technology and services meet rigorous regulatory and security requirements.
• Work closely with the security team and cross-functional teams to implement security controls with a risk-based and cost-effective approach.
• Develop, document, and maintain federal-specific policies, procedures, and controls.
• Support efforts to maintain FedRAMP compliance, including the creation of SSP, gathering evidence, and preparing reports.
• Collaborate with team members to manage the continuous monitoring program, including internal and external reporting on vulnerabilities, tracking POA&Ms, and developing artifacts.
• Lead and coordinate with internal teams to develop and implement policies to meet compliance requirements, complete security assessments and audits.
• Conduct periodic risk assessments and audits to ensure compliance with applicable regulatory frameworks.

• Must be a U.S. Citizen or Permanent Resident (Green Card Holder).
• Must be able to complete/pass/hold a Federal Public Trust Investigation.
• This is a remote opportunity, and the candidate must reside in the United States.
• 7+ years of information security experience with a focus on compliance, FedRAMP, FISMA, NIST 800-53, HIPAA, ITAR.
• 3+ years working within healthcare industry or federal health agency (e.g. hospital, federal government).
• Must have a CISSP, CISM, AWS Certified Security or similar security certification.
• Strong knowledge on compliance including FISMA, ATO, NIST, etc.
• Working knowledge of tools such as Qualys, Datadog, and AWS Security services for vulnerability management, SIEM, and scanning.
• Working knowledge of AWS Audit Manager, AWS Artifact, Drata, or Vanta.
• Strong experience with automating the gathering of evidence for information security audits.
• Demonstrated leadership ability engaging teams, clients, and stakeholders to support business objectives.
• Ability to collaborate and communicate with technical and non-technical personnel;
  Ability to work with people at all levels of the organization, including outside consultants and vendors.
• Excellent analytical skills, attention to detail, and strong problem-solving abilities.
• Excellent communication and collaboration skills.
• BS/BA degree in Computer Science, Information Systems, Engineering or related technical or IT discipline.
• Health Insurance Plans (Medical, Rx, Dental, and Vision – Open Access)
• Long Term and Short-Term Disability (Company Paid Benefit)
• Life Insurance (Company Paid Benefit)
• Employee Assistance Program (EAP)
• Generous Paid Time Off (PTO)
• Paid Holidays
• Health Care and Dependent Care Flexible Spending Accounts (FSA)
• Voluntary Life and AD&D Insurance
• Discount Programs for Consumer Products and Wellness Services

Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs. The annual salary range for this position is $135,000 - $170,000