T-Rex Solutions is seeking a Chief Security Officer to support a large CMS program. The mission is to architect, build and support innovative health care systems that focus on delivering high-value, quality programs. The overall goal of this program is to:

• Simplify and unify disaster recovery and infrastructure resilience.
• Facilitate AWS cloud migration, providing support for infrastructure, training, and architecture planning.
• Centralize governance for reporting, enforcement, and auditing.
• Maintain security & privacy controls and capabilities, and establish pipelines to facilitate the Authority to Operate (ATO) process, including all necessary security certifications and approvals.
• Provide a variety of Infrastructure as a Service (IaaS) solutions to accelerate standing up architectural and security compliant systems.

Responsibilities:

• Provide thought leadership and communication of cloud security matters by managing and facilitating a Cloud Security community of practice (CoP)
• Support the CMS ISSO in the achievement and maintenance of an ATO for each application or system supported by the Contractor.
• Utilize CMS' SA&A Processes and oversee the security requirements for all associated admin and user accounts.
• Implement and maintain ARS controls for the appropriate system security level.
• Develop and maintain all required FISMA system documentation.
• Ensure systems adhere to Technical Reference Architecture (TRA) foundational and supplemental documents as additional security specifications, when applicable (available upon request).
• Use approved security tools for continuous monitoring and management of security baselines.
• Implement audit tools or processes for auditing and reporting services that support Continuous Diagnostics and Monitoring (CDM).
• Provide engineering services and participation in Continuity of Operations Planning (COOP) and Disaster Recovery (DR) planning and exercises.
• Develop and implement Configuration Management and Change Management plans when necessary.
• Develop and maintain artifacts related to the CMS Target Life Cycle (TLC) and the ISG CASF (the CASF is available upon request).
• Perform or participate in threat and vulnerability management for applicable FISMA systems.
• Perform POA&M management.
• Assist the CMS ISSO with other additional security support efforts within the scope of contractual responsibilities

Requirements:

• 7-10+ years of professional experience
• Experience leading security programs
• Experience implementing and maintaining system and application security controls and procedures to achieve and maintain technical compliance
• Strong knowledge of FISMA, POAM management, COOP and Disaster Recovery
• Demonstrated experience achieving ATOs for applications and system components

Desired Skills:

• Bachelor of Science (BS) or Master's degree in Information Technology or related field
• Experience with and understanding of the CMS IT programs, mission and goals
• Experience delivering IT projects at CMS or HHS

T-Rex Overview

Established in 1999, T-Rex Solutions, LLC is a proven mid-tier business providing data-centric mission services to the Federal government as it increasingly tries to secure and leverage the power of data. We design, integrate, secure, and deploy advanced technical solutions for our customers so they can efficiently fulfill their critical objectives. T-Rex offers both IT and professional services to numerous Federal agencies and is a leader in providing high quality and innovative solutions in the areas of Cloud and Infrastructure Services, Cyber Security, and Big Data Engineering.

T-Rex is constantly seeking qualified people to join our growing team. We have built a broad client base through our devotion to delivering quality products and customer service, and to do that we need quality individuals. But more than that, we at T-Rex are committed to creating a culture that supports the development of every employee's personal and professional lives. T-Rex has made a commitment to maintain the status of an industry leader in compensation packages and benefits which includes competitive salaries, performance bonuses, training and educational reimbursement, Transamerica 401(k) and Cigna healthcare benefits.

T-Rex is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors.

As part of our overall strategy and commitment to maintaining a safe and healthy workplace, and in accordance with applicable regulations, employees of T-Rex must be fully vaccinated against COVID-19 if required by customer or client policies or federal mandates as a condition of employment, subject to reasonable accommodation and other requirements under applicable federal, state, and local law. If required by the customer, the selected individual will have to submit documentation of proof of vaccination before starting employment with T-Rex or have an approved exemption prior to the start of employment.

In compliance with pay transparency guidelines, the annual base salary range for this position is $150,000 - $190,000. Please note that the salary information is a general guideline only. T-Rex considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer.