Manager, Systems Security
Manager, Systems Security
HighPoint’s professionals focus exclusively on helping government agencies and companies implement their most critically strategic initiatives. The role of Manager Systems Security contributes to HighPoint by focusing on ensuring our Client IT Systems are compliant with information security policy, rules and regulations, and are completing system and network Certification and Accreditation (C&A) requirements in observation of Centers of Medicare and Medicaid Services (CMS) and Health and Human Services (HHS) mandates. This individual will function as the Systems Security Officer (SSO) and support the Sr. Director of IT Client Delivery to ensure the continued stable operation of contract security architecture comprising both on-premise and cloud-service-provider (CSP) infrastructure.
KNOWLEDGE AND SKILLS REQUIREMENTS
- Ability to apply mathematical operations to such tasks as frequency distribution, determination of test reliability and validity, analysis of variance, correlation techniques, sampling theory, and factor analysis.
- Ability to read, analyze, and interpret common scientific and technical journals, financial reports, and legal documents.
- Ability to effectively and professionally present information to leadership and/or public groups.
- Ability to define problems, collect data, establish facts, and draw valid conclusions.
- Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.
- Risk Management Framework (RMF) experience including assessment and authorization a plus.
- Knowledge of Cloud Security Services a plus
- Certification in CISSP (or equivalent) a plus.
- Excellent team player and individual contributor; adaptable in a dynamic environment.
- Strong communication skills - ability to translate technical vernacular in clear language easily understood by diverse stakeholder groups.
- Development and maintenance of security and site accreditation policies, practices, and documentation including, but not limited to: SSP, SSD, ISRA, BIA, CP.
- Lead the deployment and use of application and vulnerability scanning/reporting tools like Nessus, BURPSuite, Security Center, and Splunk/SIEM in support of Configuration and Change Management (SecDevOps) policies.
- Develop and maintain knowledge of NIST, DISA STIGS, FISMA and CMS ARS security requirements and standards.
- Generate and maintain an archive of security incident tickets to address findings identified through scheduled audits, notifications from enterprise systems/operations, and customer/client requests.
- Manage security incident investigations including identification of appropriate system remediation solutions and the creation of Root-Cause Analyses in the event of outages, in addition to any needed training/refreshers.
- Serve as a point of contact for federally mandated system audits and ensure security-related documentation is uploaded to CFACTS as required.
- Provides regular status reporting of security team projects to senior management and customers.
- Conduct performance evaluations (and regular check-ins) of direct reports and regular touch-bases with contractors.
- Regularly attend conferences/seminars to remain current on security concerns, trends and technologies.
- Support the professional development of direct reports (e.g. CE/training, certifications, etc).
- Other duties as assigned.
EDUCATION AND YEARS OF EXPERIENCE REQUIREMENTS
- Bachelor’s Degree in Engineering, Information Technology, Cybersecurity, Computer Science or equivalent field and five to seven years related experience and/or training; or equivalent combination of education and experience.
HighPoint is a growth-oriented firm that provides a unique, differentiated employee culture relative to our Federal market peers. We leverage this growth-oriented and employee-focused culture to attract and retain a higher grade of talent than our peers to be an employer of choice.
HighPoint helps government agencies elevate the citizen experience (CX) by improving the touchpoints through which citizens interact with government. We were founded in 2006 by Ben Lanius with the spirit of transforming how agencies connect with and empower citizens to deliver on mission-critical objectives.
At HighPoint, our focus is on delivering results that matter. We support and modernize our federal customer’s mission critical systems and functions. Agility is at our core: it is the mantra that drives us to succeed. We work quickly, analytically and deliver on agency priorities.
HighPoint is privately held with 300 passionate employees across offices and locations in Indianapolis, Indiana; Baltimore, Maryland; and Herndon, Virginia.
HighPoint Digital, Inc. is an equal opportunity employer. We do not discriminate on the basis of race, color, gender, sexual orientation, age, religion, national or ethnic origin, disability or veteran status.
HighPoint Digital, Inc. will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with HighPoint’s legal duty to furnish information.