Job Information
ASRC Federal Holding Company Senior Security Manager in Baltimore, Maryland
Senior Security Manager - Washington, D.C .
ASRC Federal Cyber, LLC is a technical, professional services company providing state-of-the-art solutions to government and commercial clients. Our services include custom-engineered solutions that integrate with the latest technology, resulting in advanced information technology systems; business and management consulting services to assess client needs and reengineer processes; and strategic and tactical program expertise to support continuity and provide comprehensive oversight for mission-critical initiatives.
We partner with government agencies that require development of systems, such as end user services, asset management, network deployment and engineering services, power and energy management solutions, portal applications, command and control, and geospatial information systems (GIS) to operate more efficiently and profitably.
As an emerging IT consulting and strategic outsourcing leader, we're always looking for exceptionally bright and motivated people to join our team. We are thought leaders in our market space - providing comprehensive solutions to our clients, throughout the enterprise. If you are looking for an opportunity to use your skills in new ways, in an environment that promotes free thinking, presents positive challenges, and makes real impact - ASRC Federal Cyber is the place for you.
We are currently seeking a Senior Security Manager to work at our contractor site in the Washington, D.C. metropolitan area supporting a large data and cloud opportunity in the civilian space.
RESPONSIBILITIES
Maintain client data in a secure Federal Information Security Modernization Act (FISMA) compliant cloud infrastructure (currently in Amazon Web Services and Microsoft Azure) meeting required client security requirements
Support security assessments, perform system security tests, remediate security deficiencies, and maintain security documentation according to federal standards
Support security incident reporting, tracking and resolution based on client requirements
Respond quickly to directional changes as needed to address unforeseen security changes
Research and leverage IT innovation and new tools and technologies where appropriate to improve system security
Stay current with innovations and releases of COTS products and make recommendations to leverage new COTS software applications or upgrades, as feasible, to improve system security
Collaborate with client on Development, Security and Operations (DevSecOps), software planning, design and development, all phases of testing, implementation and post-release review and monitoring
Develop and recommend a strategy for releases needed to upgrade security to address new threats, resolve security findings
Build, maintain, and support audit log to collect details for monitoring and maintaining system activity and for supporting audit activities and uncover breaches in compliance, security threats and support audit activities
Make recommendations when appropriate for new development tools and software needed to resolve security findings
Implement cloud security tools and best practices needed to maintain a secure multicloud environment, including encryption, data access, risk identification and mitigation, alerts to known/potential security issues, secure cloud environment deployments, and mitigation of cloud data security challenges
Operate and maintain cloud-native endpoint security software tools, such as VMware Carbon Black and ensure the tools are installed, configured, leveraged, and maintained to protect client cloud environments from malicious attacks
Hire and retain qualified system security experts
Leverage existing and emerging industry standards to optimize API security
Ensure that new APIs are developed as necessary to enhance existing functionality and increase system security
Develop comprehensive test plans and conduct necessary security testing
Collect feedback from workgroups and present findings, impacts, and next steps to client and relevant audiences
Communicate issues and concerns effectively and efficiently and track issues, concerns and/or risks to resolution
Present technical information to a non-technical audience
Perform other duties as required and assigned
Requirements :
REQUIREMENTS
Bachelor’s degree in computer science or related field
One or more of the following certifications:
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Auditor (CISA) (https://www.zippia.com/)
Active ITIL certification
5+ years of experience in security management
Experience managing federal security solutions
Experience with one or more different Agile methodologies including Scrum, Lean, SAfe
Experience preparing project cost estimates to include but not limited to, labor, travel, equipment and software
Proficiency with written technical proposals and review of proposals for technical integrity, quantification of risk, and strategic direction
Successful client reporting and customer liaison experience
A strong, proactive work ethic and superior collaboration skills
Preferred
Agile certification (i.e., PMI-ACP, Certified Scrum Master, Certified Product Manager; SAFe Agilist)
Master’s Degree in related field of study or equivalent years of experience
Security management experience with the Centers for Medicare and Medicaid Services (CMS)
ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.
ASRC Federal Holding Company
- ASRC Federal Holding Company Jobs