Secure our Nation, Ignite your Future
ManTech is seeking an experienced Cyber Security Controls Assessor/Validator to support our growing USMC programs on MCB Quantico, VA.
This is an opportunity to join a cutting-edge, dynamic, growing team that will have a direct impact on the Warfighter.
Position requires an active DOD TS/SCI (or SCI eligible) clearance.
Basic Program Overview:
ManTech is seeking a Security Controls Assessor to support the Marine Corps Sensitive Compartmented Information (SCI) Enterprise Office (SEO). Responsibilities include the security engineering of enterprise and local systems and servers across multiple security domains
Stay current with latest DoD, Navy, and Marine Corps IA doctrine.
Prepare documentation such as Risk Assessment Report (RAR), System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&Ms) to ensure compliance with government security policies and procedures.
Assist the Government to generate and maintain security documentation for system hardware and software, to include System Security Plans, equipment lists, practices, and procedures.
Assess the performance of IA security controls based on NIST 800-53A within the IT infrastructure.
Identify IA vulnerabilities resulting from a departure from approved procedures and plans. Evaluate potential IA security risks and make recommendations regarding corrective, mitigation, and recovery actions.
Oversee that applicable patches are implemented, including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), Intelligence Community Vulnerability alerts (ICVA), technical advisories (TA), and OPDIRs Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements.
Perform system audits to assess security related factors within the IT infrastructure Review response actions to security incidents.
Ensure associated entities are properly maintaining repositories for all system authorization documentation.
Should include the ability to identify and analyze security requirements to recommend upgrades, patches, new applications, necessary equipment, and technical support and guidance to users.
Participate in the Continuous Monitoring process.
Mandatory Skills Requirements:
Bachelors Degree (+2 years experience), Associates Degree (+4 years experience), or High School Diploma (+6 years experience)
Shall meet DOD 8570 requirements for IAM III
Must be familiar with the Risk Management Framework (RMF) process and applicable guidance (NIST 800-53, NIST 800-37, CNSSI 1253, FIPS 199, ICD 503 etc.)
Responsible for ensuring the appropriate operational IA posture is maintained for a system or enclave
Support and assist in the development of system security packages based on current doctrine
Must be familiar with Certification Assessment and all respective events
Must be familiar with security controls and respective IT infrastructure and capable of correlating applicability, validating compliance/implementation, and working with engineers for mitigations
Participating in Self-Assessment of system security controls and results documented in SAR in preparation of Event Reviewing data in Xacta package to prepare for assessment
Conducting Certification Assessment Reviewing Technical Assessment: (ACAS, SCAP, PPS Verification, STIGS)
Completing a Security Assess Review for the event Generating SCCM data elements, POA&M, SAR, and Risk Assessment Report (RAR) as required
Publishing a POA&M report, NIST RA, NIST SCCM, SAR, SAR Table and Extensible Documents Importing data elements from the ATO letter into Xacta Documenting results/deliverable artifacts (results from the SCA audit, STIG Checklists, POA&Ms, reports, scans)
Documentation uploaded into Xacta for accreditation review
Experience with Tenable Security Center
Other Skills Preferred:
Knowledge of information security systems and applications for DoD projects
Knowledge of DoD 8510.01 Risk Management Framework (RMF) Process Intelligence Community Directive (ICD) 503 Intelligence Community Information Technology Systems Security Risk Management Other Emerging IA policies
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Waretime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click email@example.com and provide your name and contact information.
About ManTech International
ManTech International Corporation provides technologies, consulting services and solutions for mission-critical national security programs.