Senior Security Manager

Seattle, WA, United States

ASRC Federal Holding Company

Senior Security Manager

Baltimore ,

Maryland

Apply Now

Senior Security Manager - Washington, D.C

.

ASRC Federal Cyber, LLC is a technical, professional services company providing state-of-the-art solutions to government and commercial clients. Our services include custom-engineered solutions that integrate with the latest technology, resulting in advanced information technology systems; business and management consulting services to assess client needs and reengineer processes; and strategic and tactical program expertise to support continuity and provide comprehensive oversight for mission-critical initiatives.

We partner with government agencies that require development of systems, such as end user services, asset management, network deployment and engineering services, power and energy management solutions, portal applications, command and control, and geospatial information systems (GIS) to operate more efficiently and profitably.

As an emerging IT consulting and strategic outsourcing leader, we're always looking for exceptionally bright and motivated people to join our team. We are thought leaders in our market space - providing comprehensive solutions to our clients, throughout the enterprise. If you are looking for an opportunity to use your skills in new ways, in an environment that promotes free thinking, presents positive challenges, and makes real impact - ASRC Federal Cyber is the place for you.

We are currently seeking a Senior Security Manager to work at our contractor site in the Washington, D.C. metropolitan area supporting a large data and cloud opportunity in the civilian space.

RESPONSIBILITIES

Maintain client data in a secure Federal Information Security Modernization Act (FISMA) compliant cloud infrastructure (currently in Amazon Web Services and Microsoft Azure) meeting required client security requirements

Support security assessments, perform system security tests, remediate security deficiencies, and maintain security documentation according to federal standards

Support security incident reporting, tracking and resolution based on client requirements

Respond quickly to directional changes as needed to address unforeseen security changes

Research and leverage IT innovation and new tools and technologies where appropriate to improve system security

Stay current with innovations and releases of COTS products and make recommendations to leverage new COTS software applications or upgrades, as feasible, to improve system security

Collaborate with client on Development, Security and Operations (DevSecOps), software planning, design and development, all phases of testing, implementation and post-release review and monitoring

Develop and recommend a strategy for releases needed to upgrade security to address new threats, resolve security findings

Build, maintain, and support audit log to collect details for monitoring and maintaining system activity and for supporting audit activities and uncover breaches in compliance, security threats and support audit activities

Make recommendations when appropriate for new development tools and software needed to resolve security findings

Implement cloud security tools and best practices needed to maintain a secure multicloud environment, including encryption, data access, risk identification and mitigation, alerts to known/potential security issues, secure cloud environment deployments, and mitigation of cloud data security challenges

Operate and maintain cloud-native endpoint security software tools, such as VMware Carbon Black and ensure the tools are installed, configured, leveraged, and maintained to protect client cloud environments from malicious attacks

Hire and retain qualified system security experts

Leverage existing and emerging industry standards to optimize API security

Ensure that new APIs are developed as necessary to enhance existing functionality and increase system security

Develop comprehensive test plans and conduct necessary security testing

Collect feedback from workgroups and present findings, impacts, and next steps to client and relevant audiences

Communicate issues and concerns effectively and efficiently and track issues, concerns and/or risks to resolution

Present technical information to a non-technical audience

Perform other duties as required and assigned

Requirements

:

REQUIREMENTS

Bachelor’s degree in computer science or related field

One or more of the following certifications:

Certified Information Security Manager (CISM)

Certified Information Systems Security Professional (CISSP)

Certified Information Systems Auditor (CISA) (https://www.zippia.com/)

Active ITIL certification

5+ years of experience in security management

Experience managing federal security solutions

Experience with one or more different Agile methodologies including Scrum, Lean, SAfe

Experience preparing project cost estimates to include but not limited to, labor, travel, equipment and software

Proficiency with written technical proposals and review of proposals for technical integrity, quantification of risk, and strategic direction

Successful client reporting and customer liaison experience

A strong, proactive work ethic and superior collaboration skills

Preferred

Master’s Degree in related field of study or equivalent years of experience

Security management experience with the Centers for Medicare and Medicaid Services (CMS)

ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.

#J-18808-Ljbffr