Maximus · 22 hours ago
Sr Analyst – Shared Services – Enterprise
Maximus is a company that provides shared services and cybersecurity solutions. They are seeking a Senior Analyst to oversee compliance with security policies and manage System Security Plans for enterprise shared services systems that support Federal and State customers.
Enterprise Software, Education, Government, Consulting, Healthcare, Information Technology, Business Process Automation (BPA), GovTech, Health Care
Responsibilities
Responsible for ensuring information security for an assigned area of Business/Project focusing on key areas of risk, outlined in the Information Security policy, under the direction of the Information Security management team
Conduct Information Security risk assessments and compliance evaluations for infrastructure and application assets within required timeframes and to industry standards and regulatory specifications
Ensure controls implementation for identified Information Security risks for business area of responsibility
Define, create and maintain the documentation for certification and accreditation of each information system in accordance with regulatory requirements
Support audit and client engagements, coordinate the collection, review and submission of Information Security deliverables and coordinate the remediation of audit concerns
Manage expectations with multiple stakeholders on projects and programs in conjunction with the Information Security team
Promote Information Security awareness through various communication channels within the organization
Collaborate with the Information Security team members on process improvements, secure design and recertification of MAXIMUS assets
Create and manage System Security Plans, including the validation of all associated artifacts required to maintain agency ATO and NIST 800-53 compliance. This includes, but is not limited to, a System Level Continuous Monitoring (SLCM) Strategy, HW/SW lists, Information Flow Diagrams, System Categorization Forms, System Topologies, Configuration Management Plan, Configuration Control Board (CCB) Charter, System and Services Acquisition Plan, System and Information Integrity Plan, System and Communication Protection Plan, Security Assessment and Authorization Plan, Risk Assessment Plan, Program Management Plan, Security Planning, Physical and Environmental Protection Plan, Personnel Security Plan, Media Protection Plan, Identification and Authentication Plan, Contingency Plan, Audit and Accountability Plan, Security Awareness and Training Plan, Incident Response Plan, Access Control Plan, Risk Assessment Review (RAR) and Plans of Action and Milestones (POA&Ms)
Liaise with project ISSOs using shared services, IT organization, corporate business units, system owners, and subject matter experts to ensure legal and contractual requirements pertaining to cybersecurity, physical security, and information assurance are being met
Communicate government regulatory security and compliance requirements to the Senior Director of Security Governance and advise implementation of applicable security controls and hardening standards to governance and technical teams
Assist and advise the Senior Director of Security Governance and information security in the identification, assignment, and training of control owners throughout the organization and continually review controls on organizationally defined periodicities
Actively collaborate with the Threat and Vulnerability Management (TVM) Team to ensure applicable technologies are compliant with defined vulnerability remediation timelines and hardening standards via enterprise vulnerability management tools
Qualification
Required
Bachelor's degree in related field
5-7 years of relevant professional experience required
Equivalent combination of education and experience considered in lieu of degree
Bachelor's degree in computer science or related field or the equivalent combination of education, training, or work experience
7+ years of security or technology related experience
Strong understanding of US government cybersecurity requirements to include but not limited to applicable Executive Orders, FISMA, FIPS, NIST 800-53, NIST 800-60, and NIST 800-65
Knowledge of State and Global security requirements to include but not limited to Cyber Essentials Plus, ISO27001, and ARC-AMPE
Experience with GRC tools
Experience developing SSPs and applicable artifacts required for A&A activities
Experience with STIG compliance
Experience with vulnerability management and assessment via Qualys and Tenable
Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors
Exercises judgement in selecting methods, techniques, and evaluation criteria for obtaining results
Develops solutions to a variety of complex problems
Work requires considerable judgment and initiative
Ability to communicate technical information in understandable business terms
Excellent interpersonal skills, presentation skills, and verbal / written communication skills
Strong customer service abilities required
Ability to work collaboratively with a broad range of staff
Ability to perform comfortably in a fast-paced, deadline-oriented work environment
Ability to execute many complex tasks simultaneously, and work as a team member as well as independently
Preferred
RMF and A&A Experience desired
Benefits
Health insurance coverage
Life and disability insurance
A retirement savings plan
Paid holidays
Paid time off
Company
Maximus
Providing government technology services, digitally enabled customer experiences, and clinical health services that change lives.
Funding
Current Stage: Public Company
Total Funding: $7.93M
2010-12-09 · Post IPO Equity · $7.93M
Company data provided by crunchbase