Information Security Assessor
Posted on: March 20, 2023
JOB DESCRIPTION SUMMARYWe are seeking Information Security
Assessors to join our team supporting an Internal Revenue Service
(IRS) client. The team will ensure protection of Federal Tax
Information with IRS trade partners while ensuring compliance with
NIST 800-53 controls framework.Location of work is remote. Position
will require travel to other government agency sites for
information security control assessments. Periodic travel to the
IRS facility in Washington DC for meetings may also be
required.*Positions are contingent on contract award.
- Interview key stakeholders (developers, ISSOs, business POCs,
etc.) to determine security controls implementation.
- Execute security control assessment plan by following provided
assessment procedures, collecting, and analyzing evidence, and
documenting steps taken, and findings documented.
- Update System Security Plan with actual control implementation
determined during assessment.
- Develop Security Assessment Reports for management staff
providing residual risk statement, impact, and suggested corrective
- Use NIST SP 800-53, "Security and Privacy Controls for
Information Systems and Organizations", to assess information
security controls for compliance
- Perform risk analyses which also includes risk
assessment.Project Minimum Qualifications:
- Bachelor's Degree from an accredited college or university
required. Information Technology curriculum preferred. An
additional four (4) years of related experience may substitute for
- At least five (5) years of information security experience or
- At least active Security+ certification or one of the preferred
certifications listed below.
- Experience in the following guidelines: National Institute of
Standards & Technology (NIST) Special Publication (SP) 53 / 53A -
Recommended Security Controls for Moderate Risk Federal Information
Systems and/or Federal Information Processing Standards (FIPS) 199
& 200 and/or NIST 800-30 and Center for Internet Security (CIS)
Benchmarks and/or NIST SP 800-37: Risk Management Framework (RMF)
for Information Systems and Organizations; NIST-137: Information
Security Continuous Monitoring (ISCM) for Federal Information
Systems and Organizations and/or OMB Circular A-130.
- Experience in assessing, identifying, and addressing technical
computer security risk and conducting computer security
- Possess strong attention to detail, and verbal and written
- Knowledge of vulnerability scanning and remediation
- Knowledge of Plan of Action and Milestones (POA&M)
- Knowledge of Certification and Accreditation (C&A) /
Security Assessment and Authorization (SA&A)
- Knowledge of FedRAMP Information Security control
- Experience in virtual operating systems such as VMWare and
Hyper V, workstation operating systems such and Windows and
Linux-based and cloud computing technologies
- Experience in telecommunications and networking devices, such
as firewalls, routers, switches virtual private networks (VPN),
wireless, voice over Internet protocol (VoIP), and SAN.
- Experience in encryption methodology including, but not limited
to Virtual Private Network, Transport Layer Security and Secure
- Preferred qualifications and experience include: experience
with IRS projects; Knowledge of IRS 1075, and/or Treasury Directive
Policy 85-01; CISA, CISM, CISSP, CEH, Cloud+ and/or CIPT
certificationsAdditional Requirements as per Contract:
- Candidates must meet requirements to obtain and maintain an IRS
Minimum Background Investigation (MBI) clearance (active IRS
Moderate Risk MBI clearance is a plus)
- Candidates must be a US Citizen or a Legal Permanent Resident
(Green Card status) for 3 years, and be Federal Tax compliantJOB
SUMMARYESSENTIAL DUTIES AND RESPONSIBILITIES:
- Perform complex risk analyses and risk assessment.
- Establish and satisfy Information Assurance (IA) and security
requirements based upon the analysis of user, policy, regulatory,
and resource demands.
- Support customers in the development and implementation of
doctrine and policies.
- Advise information system owners on client/project security
policies and requirements for systems.
- Keep abreast of emerging security technologies and make
appropriate recommendations regarding the enhancement of the
security posture of systems and their implementation.MINIMUM
- Bachelor's Degree.
- 5-7 years of related experience required.
- Computer Professional Job ProfileMAXIMUS INTRODUCTIONSince
1975, Maximus has operated under its founding mission of Helping
Government Serve the People, enabling citizens around the globe to
successfully engage with their governments at all levels and across
a variety of health and human services programs. Maximus delivers
innovative business process management and technology solutions
that contribute to improved outcomes for citizens and higher levels
of productivity, accuracy, accountability and efficiency of
government-sponsored programs. With more than 30,000 employees
worldwide, Maximus is a proud partner to government agencies in the
United States, Australia, Canada, Saudi Arabia, Singapore and the
United Kingdom. For more information, visit
https://www.maximus.com.EEO STATEMENTEEO Statement: Active military
service members, their spouses, and veteran candidates often embody
the core competencies Maximus deems essential, and bring a
resiliency and dependability that greatly enhances our workforce.
We recognize your unique skills and experiences, and want to
provide you with a career path that allows you to continue making a
difference for our country. We're proud of our connections to
organizations dedicated to serving veterans and their families. If
you are transitioning from military to civilian life, have prior
service, are a retired veteran or a member of the National Guard or
Reserves, or a spouse of an active military service member, we have
challenging and rewarding career opportunities available for you. A
committed and diverse workforce is our most important resource.
Maximus is an Affirmative Action/Equal Opportunity Employer.
Maximus provides equal employment opportunities to all qualified
applicants without regard to race, color, religion, sex, sexual
orientation, gender identity, national origin, protected veteran
status or disabled status.PAY TRANSPARENCYMaximus compensation is
based on various factors including but not limited to a candidate's
education, training, experience, expected quality and quantity of
work, required travel (if any), external market and internal value
analysis including seniority and merit systems, as well as internal
pay alignment. Annual salary is just one component of Maximus's
total compensation package. Other rewards may include short- and
long-term incentives as well as program-specific awards.
Additionally, Maximus provides a variety of benefits to employees,
including health insurance coverage, life and disability insurance,
a retirement savings plan, paid holidays and paid time off.
Compensation shall be commensurate with job duties and relevant
work experience. An applicant's salary history will not be used in
Keywords: MAXIMUS, Salem , Information Security Assessor, Other , Salem, Oregon
Didn't find what you're looking for? Search again!
Loading more jobs...