DE Jobs

Search from over 2 Million Available Jobs, No Extra Steps, No Extra Forms, Just DirectEmployers

Job Information

ASRC Federal Holding Company Senior Security Manager in Baltimore, Maryland

Senior Security Manager - Washington, D.C .

ASRC Federal Cyber, LLC is a technical, professional services company providing state-of-the-art solutions to government and commercial clients. Our services include custom-engineered solutions that integrate with the latest technology, resulting in advanced information technology systems; business and management consulting services to assess client needs and reengineer processes; and strategic and tactical program expertise to support continuity and provide comprehensive oversight for mission-critical initiatives.

We partner with government agencies that require development of systems, such as end user services, asset management, network deployment and engineering services, power and energy management solutions, portal applications, command and control, and geospatial information systems (GIS) to operate more efficiently and profitably.

As an emerging IT consulting and strategic outsourcing leader, we're always looking for exceptionally bright and motivated people to join our team. We are thought leaders in our market space - providing comprehensive solutions to our clients, throughout the enterprise. If you are looking for an opportunity to use your skills in new ways, in an environment that promotes free thinking, presents positive challenges, and makes real impact - ASRC Federal Cyber is the place for you.

We are currently seeking a Senior Security Manager to work at our contractor site in the Washington, D.C. metropolitan area supporting a large data and cloud opportunity in the civilian space.

RESPONSIBILITIES

  • Maintain client data in a secure Federal Information Security Modernization Act (FISMA) compliant cloud infrastructure (currently in Amazon Web Services and Microsoft Azure) meeting required client security requirements

  • Support security assessments, perform system security tests, remediate security deficiencies, and maintain security documentation according to federal standards

  • Support security incident reporting, tracking and resolution based on client requirements

  • Respond quickly to directional changes as needed to address unforeseen security changes

  • Research and leverage IT innovation and new tools and technologies where appropriate to improve system security

  • Stay current with innovations and releases of COTS products and make recommendations to leverage new COTS software applications or upgrades, as feasible, to improve system security

  • Collaborate with client on Development, Security and Operations (DevSecOps), software planning, design and development, all phases of testing, implementation and post-release review and monitoring

  • Develop and recommend a strategy for releases needed to upgrade security to address new threats, resolve security findings

  • Build, maintain, and support audit log to collect details for monitoring and maintaining system activity and for supporting audit activities and uncover breaches in compliance, security threats and support audit activities

  • Make recommendations when appropriate for new development tools and software needed to resolve security findings

  • Implement cloud security tools and best practices needed to maintain a secure multicloud environment, including encryption, data access, risk identification and mitigation, alerts to known/potential security issues, secure cloud environment deployments, and mitigation of cloud data security challenges

  • Operate and maintain cloud-native endpoint security software tools, such as VMware Carbon Black and ensure the tools are installed, configured, leveraged, and maintained to protect client cloud environments from malicious attacks

  • Hire and retain qualified system security experts

  • Leverage existing and emerging industry standards to optimize API security

  • Ensure that new APIs are developed as necessary to enhance existing functionality and increase system security

  • Develop comprehensive test plans and conduct necessary security testing

  • Collect feedback from workgroups and present findings, impacts, and next steps to client and relevant audiences

  • Communicate issues and concerns effectively and efficiently and track issues, concerns and/or risks to resolution

  • Present technical information to a non-technical audience

  • Perform other duties as required and assigned

Requirements :

REQUIREMENTS

  • Bachelor’s degree in computer science or related field

  • One or more of the following certifications:

  • Certified Information Security Manager (CISM)

  • Certified Information Systems Security Professional (CISSP)

  • Certified Information Systems Auditor (CISA) (https://www.zippia.com/)

  • Active ITIL certification

  • 5+ years of experience in security management

  • Experience managing federal security solutions

  • Experience with one or more different Agile methodologies including Scrum, Lean, SAfe

  • Experience preparing project cost estimates to include but not limited to, labor, travel, equipment and software

  • Proficiency with written technical proposals and review of proposals for technical integrity, quantification of risk, and strategic direction

  • Successful client reporting and customer liaison experience

  • A strong, proactive work ethic and superior collaboration skills

Preferred

  • Agile certification (i.e., PMI-ACP, Certified Scrum Master, Certified Product Manager; SAFe Agilist)

  • Master’s Degree in related field of study or equivalent years of experience

  • Security management experience with the Centers for Medicare and Medicaid Services (CMS)

ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.

DirectEmployers