RockvilleMDRecruiter Since 2001
the smart solution for Rockville jobs

Client Services Security Manager - Hybrid Work Arrangement

Company: Westat
Location: Rockville
Posted on: January 17, 2023

Job Description:

Westat is an employee-owned corporation providing research services to agencies of the U.S. Government, as well as businesses, foundations, and state and local governments. Westat's research, technical, and administrative staff of more than 2,000 is located at our headquarters in Rockville, Maryland, near Washington, DC.

Westat is committed to building a diverse workforce and a culture of inclusivity, belonging and equity for all. We believe that our greatest strength draws on the different backgrounds, cultures, perspectives and experiences of our employees.

Westat is seeking a senior information security manager to lead our Client Security Services (CSS) team. This leadership role is a critical member of the chief information security officer's (CISO's) team and acts as an interface between the CISO's strategic and process-based activities and the CSS team they will lead. The CSS Manager must be able to provide direction and mentoring for staff, interact directly with internal and external clients, manage resources, meet deadlines, and provide regular status and service-level reports to management.

The candidate should have experience managing direct reports and working with Federal Government clients, securing information systems in accordance with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF, i.e. NIST 800-37 and 800-53). Expertise in leading project teams and developing and managing projects is essential for success in this role. In addition to supporting the CISO's policies and strategies, the ISM must be able to prioritize work efforts balancing operational tasks with longer-term strategic security efforts.

Job Responsibilities:

Manage a staff of information security professionals, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.
Work with the CISO to develop budget projections based on short- and long-term goals and objectives.
Monitor and report on client-facing security activities that include security authorization documentation creation, security control evidence gathering, risk remediation, and security assessment coordination.
Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
Provide security communication, awareness and training for audiences, which may range from senior leaders to field staff.
Work as a liaison with vendors and the legal and purchasing departments to establish mutually acceptable contracts and service-level agreements.
Manage production issues and incidents, and participate in problem and change management forums.
Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
Serve as an active and consistent participant in the information security governance process.
Work with the CISO and IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
Provide support and guidance for legal and regulatory compliance efforts, including audit support.
Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
Formulate recommendations to resolve problems impacting the quality and effectiveness of security controls in software development projects.
Participate in information security working groups.

Basic Qualifications:

Typically requires a Bachelor's degree and a minimum of 7 years of IT experience, or an equivalent combination of education and experience.
Experience with FISMA and the entire NIST Risk Management Framework lifecycle is essential.
Demonstrated leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision.
Proven project management skills and experience in creating and managing project plans, including budgeting and resource allocation.
At least one IT security certification is required (Security+, Certified Information Systems Security Professional (CISSP), GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (SSCP), Certified Information Security Manager (CISM), and Certified Information Systems Auditor (CISA)).

Preferred Qualifications:

Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.

Minimum Qualifications:

Excellent communication skills.
Ability to work well under minimal supervision and work in a team-oriented environment.

Westat offers a well-rounded and comprehensive benefits program focused on wellness and work/life balance. Eligible employees may participate in:

Employee Stock Ownership Plan
401(k) Retirement Plan
Paid Parental Leave
Vacation Leave
Sick Leave
Holiday Leave
Professional Development
Health Advocate
Employee Assistance Program
Travel Accident Insurance
Medical Insurance
Dental Insurance
Vision Insurance
Short Term Disability Insurance
Long Term Disability Insurance
Life and AD&D Insurance
Critical Illness Insurance
Supplemental Life Insurance
Flexible Spending Account
Health Savings Account

Westat is an Equal Opportunity Employer and does not discriminate on the basis of race, creed, color, religion, sex, national origin, age, veteran status, disability, marital status, sexual orientation, citizenship status, genetic information, gender identity or expression, or any other protected status under applicable law.


Career Area

Computer Systems and Applications

Pay Range

The anticipated salary range for this role is $120K - $160K and will be commensurate with experience.

Bonus Eligibility

Yes
