×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Lead Analyst - Info Sec

Job in Phoenix, Maricopa County, Arizona, 85003, USA
Listing for: Maximus
Full Time position
Listed on 2026-01-03
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

Description & Requirements

The Maximus DoD Cloud Information Systems Security Officer (ISSO) will work directly with the Maximus Federal Business Information Security Officer (BISO) to identify and manage implementation of security policies, standards, and procedures that support federal customers with federal requirements to include FISMA, applicable FAR and DFAR Clauses, Executive Orders, and OMB's applicable to IL5 Cloud Environments.

The primary role of the ISSO will be the creation, management, and administration of a System Security Plan (SSP) to include all required artifacts needed to obtain a DISA IL5 certification and to maintain compliance with NIST 800-53 and associated NIST 800 series publications.

The ISSO will be responsible for all continuous monitoring of the IL5 environment supporting federal customers and will be the SME for control management and the establishment of Inheritance which will be used to support future DoD projects.

Essential Duties and Responsibilities
  • Performs application vulnerability assessments to identify application vulnerabilities.
  • Performs network vulnerability assessments to identify host vulnerabilities.
  • Identifies, analyzes, and prioritizes vulnerability findings.
  • Analyzes system configurations to identify possible security gaps and or compliance violations.
  • Establishes collaborative working relationships with internal resources to provide security assessments, reports, and recommendations.
  • Performs other related duties as assigned.
Additional Duties and Responsibilities
  • Create and manage System Security Plan and creation and or validation of all associated artifacts required to obtain DISA IL5 certification as well as NIST 800-53 compliance to include but not limited to a System Level Continuous Monitoring (SLCM) Strategy, HW / SW lists, Information Flow Diagrams, System Categorization Forms, System Topologies, Configuration Management Plan, Configuration Control Board (CCB) Charter, System and Services Acquisition Plan, System and Information Integrity Plan, System and Communication Protection Plan, Security Assessment and Authorization Plan, Risk Assessment Plan, Program Management Plan, Security Planning, Physical and Environmental Protection Plan, Personnel Security Plan, Media Protection Plan, Identification and Authentication Plan, Contingency Plan, Audit and Accountability Plan, Security Awareness and Training Plan, Incident Response Plan, Access Control Plan, Risk Assessment Review (RAR) and Plan of Action and Milestone (POA&M).
  • Liaison with Maximus Federal business units, Maximus Corporate business units, and external stakeholders to ensure all legal and contractual requirements pertaining to cybersecurity, physical security, and Information Assurance are being met.
  • Communicate federal requirements to Maximus Information Security Office (ISO) and advise implementation of applicable security controls and hardening standards to governance and technical teams.
  • Assist the BISO and ISO Team in the identification and assignment of control owners throughout the organization and continually review controls on organizationally defined periodicities.
  • Actively collaborate with Maximus Threat and Vulnerability Management (TVM) Team to ensure applicable technologies are compliant with defined remediation timelines and hardening standards via enterprise vulnerability management tools.
Minimum Requirements
  • Please refer to the additional information section of the job requisition for this opening to determine clearance eligibility required.
  • Bachelor's Degree
  • 7-10 years of security or technology related experience
  • Professional certifications, such as Security+, CEH, or CISSP, desirable
    • Knowledge of IPv4 network architecture and core services
  • Knowledge of web application development and architecture
  • Knowledge of network security controls
  • Knowledge of vulnerability management
  • Experience with dynamic application security testing (DAST) tools
  • Experience with vulnerability management (VM) tools
  • Familiarity with OWASP Top 10
  • Familiarity with WASC Threat Classification
    • Familiarity with CVE
  • Familiarity with NIST SP 800-53
  • Experience with automated service ticketing systems
  • Excellent…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search