This site uses cookies. To find out more, see our Cookies Policy

Senior SAAS Security Specialist in Lanham, MD at Maximus, Inc.

Date Posted: 10/23/2018

Job Snapshot

Job Description

MAXIMUS is a leading operator of government health and human services programs and has partnered with state, federal and local governments to provide critical, high quality health and human service programs to a diverse array of communities. Operating under MAXIMUS’s founding mission of Helping Government Serve the People® since 1975, MAXIMUS Federal Services is entirely focused on helping government agencies run programs cost-effectively and serve program constituents with improved outcomes. By being a responsible steward for government programs, we help the federal government deliver on its promises through our people, process and technology. Our focus is always on outcomes and results that connect citizens more effectively with government services.

We are seeking a Senior SAAS Security Specialist to support our Internal Revenue Service (IRS) client in New Carrollton MD.

The candidate will provide audit and accountability requirements supporting the legacy Security Audit and Analysis System (SAAS) customers through life cycle processes and the creation of artifacts associated with systems development and the documentation of interface controls between systems. The resource will serve as a liaison between Cybersecurity, Applications Development, and Enterprise Operations to ensure appropriate event monitoring activities are performed to manage and address detected threats.

The Senior SAAS Security Specialist will work as an integrated member of the IRS Cybersecurity team responsible for supporting legacy audit and accountability technologies, to include SAAS while implementing and integrating other enterprise event monitoring solutions.

The candidate will design, develop, and deliver security-related documentation for IRS security event monitoring systems including the development of correlation searches, dashboards and reports for IRS stakeholders. The candidate will consult with all departments within IT to determine how to onboard security monitoring in new technologies being introduced or upgraded in the enterprise. The candidate will communicate potential security exposures, misuse or noncompliance situations to the Information System Security Officer (ISSO).

The candidate will monitor and maintain knowledge on new security trends and technologies to better position detective and preventative controls to minimize risks associated with security breaches.

The candidate will provide guidance and educate IRS employees on the concepts and needs of a security conscious culture to achieve compliance according to the Internal Revenue Manual (IRM) to promote high levels of security knowledge or awareness.

The candidate must be able to work 1-2 days a week at the IRS facility in New Carrollton MD, with remaining days working remotely from home. The selected candidate must be flexible and available to attend meetings or perform other activities in New Carrollton as required.

•Work with applications to develop and implement their audit plans per the IRM 10.8.1
•Work with the Infrastructure audit team to ensure that an Infrastructure component audit plan exists to support the application that leverages the component
•Work with the ArcSight engineers to deploy and implement the audit solution for servers
•Work with applications to develop their ICDs and document their auditable events for transmission to the SAAS system
•Support the UWR team to document estimated and actual costing of time required and taken to develop and implement audit plans
•Document Audit deficiency memos when there are discrepancies between the Application audit plan and the IRM 10.8.1. These memos would be sent to the Security Risk Management team where a PO&AM would be entered into the TFIMS database for that application
•Manage the master spreadsheet that tracks the development and status of the Application audit plans and the ICD development document
•Manage the archive of the completed audit plans in the TFIMS system
•Assist in the development of the monthly ESAT metrics that is presented to the ESAT ACIO.
•Participate in testing of new releases and upgrades of the SAAS system
•Conduct FISMA training of IPT members on the development of application audit plans and ICD documents
•Collaborate with IRS stakeholders to include their information systems in IRS Cybersecurity audits and accountability technologies, to include SAAS, Splunk, Guardium, and ArcSight
•Collaborate with IRS stakeholders to ensure security-related documentation such as ACR and ICD is up-to-date
•Review, analyze, and coordinate requirements to develop acceptable IRS audit and accountability programs
•Review and create design or functional documentation for programmers to develop code to be used to ingest auditable and actionable events in IRS Cybersecurity audit and accountability technologies
•Work alone and with teams comprised of the primary client and other client stakeholders dispersed across geographical sites
•Review and provide feedback on Unified Work Requests (UWRs)
•Provide status reports and attend meetings

QUALIFICATIONS:
•Bachelor's Degree from an accredited college or university required, an additional four (4) years of related work experience can substitute for a degree
•At least eight (8) years of related audit and accountability experience
•Experience with Security Audit and Analysis System (SAAS)
•Experience with reviewing, analyzing and coordinating requirements for ingesting auditable and actionable events into Cyber Security audit and accountability technologies
•Proven ability to work on and with teams comprised of the primary client and other client stakeholders dispersed across geographical sites
•Excellent verbal and written communication skills
•Preferred experience: Experience with and/or knowledge of IRS IRMs; Experience with reviewing/analyzing UWR requirements; Experience with IRS systems, such as eAuth, ACA applications, CADE2, GMF, ERS, IMF Document Specific, BMF Document Specific, IDRS, AIMS, etc.

Physical Requirements:
•Work is performed in a general office environment

Additional Requirements as per contract/client:
•Candidates must meet requirements to obtain and maintain an IRS Minimum Background Investigation (MBI) clearance (active IRS Moderate Risk MBI clearance is a plus).
•Candidates must be a US Citizen or a Legal Permanent Resident (Green Card status) for 3 years, and be Federal Tax compliant. The Ideal Candidate will Possess the Following Additional Education and Experience

**Computer Professional Job Profile

  • Typically requires a minimum of 8 years of related experience with a Bachelors degree; or 6 years and a Master's degree; or a PhD with 3 years experience; or equivalent experience.
  • Works on complex issues where analysis of situations or data requires an in depth evaluation of variable factors.
  • Exercises judgement in selecting methods, techniques, and evaluation criteria for obtaining results.
  • Networks with key contacts outside own area of expertise.
  • Develops solutions to a variety of complex problems.
  • Work requires considerable judgment and initiative.
  • Exerts some influence on the overall objectives and long-range goals of the organization.
EEO Statement EEO Statement: Active military service members, their spouses, and veteran candidates often embody the core competencies MAXIMUS deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We’re proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. MAXIMUS is an Affirmative Action/Equal Opportunity Employer. MAXIMUS provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.