About
Mantech International Corporation
Job Description
Secure our Nation, Ignite your Future
Defines, plans, designs, and evaluates information security systems. Assesses architecture and current hardware limitations, defines and designs system specifications, and input/output processes and working parameters for hardware/software compatibility. Provides expert level consultation and technical services on all aspects of Information Security. Manages large-scale programs of national or international scope. Maintains senior affiliations with national and international organizations associated with information security.Entering ManTechs 50th year, we hold the distinct honor of being named a Top 100 Global Technology Company by Thomson Reuters. We have earned this and many other accolades over the years for our dedication to serving the missions of our nations most important customers: U.S. Intelligence, Defense and Federal Civilian agencies. All know us as a trusted partner offering best-in-class solutions in cyber, data collection & analytics, enterprise IT, and systems and software engineering tailored to meet their specific requirements.
Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions group. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.
Currently, ManTech is seeking a motivated, career and customer oriented Sr. ISSE to join our team in the Washington, DC area to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech.
Responsibilities include, but are not limited to:
Defines, plans, designs, and evaluates information security systems and architecture
Performs requirements analysis, design, and integration for complex software applications and collaboration infrastructures
Writes implementation and design documents describing how security features are implemented
Serves as the lead technical subject matter (SME) on cyber/systems security matters
Employs best practices and lessons learned when implementing security including software engineering methodologies, system/security engineering principles, secure design, and secure architecture
Provides system security engineering support in designing and integrating automated information systems auditing capabilities
Conduct security control testing and reporting in accordance with the Risk Management Framework (RMF) and NIST 800-53; identifies deficiencies (POA&M) and provides recommendations for solutions
Implements a strategy for continuous monitoring for assigned systems including: Establishing system audit trails and ensuring their review, reporting all identified security findings and initiating the periodic review of security controls
Ensure that ISs are operated, maintained, and disposed of in accordance with approved security policies and practices
Develops, implements, and enforces information systems security policies.
Ensures that system security requirements are addressed during all phases of the IS lifecycle
Ensures implementation of a Configuration Management Plan (CMP) for software, hardware, and firmware is documented and maintained, and serve as a member of the Configuration Management Board, with Information System Security Manager (ISSM) and System Owner concurrence.
Support risk assessment and evaluation activities throughout the Security Assessment and Authorization (SAA) process
Initiate, with ISSM or CSO approval, protective and corrective measures when a security incident or vulnerability is discovered. Monitor IS recovery processes and ensure proper restoration of IS security features
Advises the System Owners regarding security considerations in the various applications
Serves as a resource for users concerning security questions regarding assigned systems and applications
Research and maintains knowledge of Information Assurance (IA) policies and practices, seeking clarification from the ISSM or higher authority when needed, and disseminates these to users
Position Requirements:
Requires Bachelors degree or equivalent in the fields of mathematics, telecommunications, electrical engineering, computer engineering, or computer science or IT-related field and 10-12 years related experience; or Masters degree with 7-9 years of experience
Requires expert technical knowledge in security engineering and IT systems engineering
Must possess excellent analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy
Knowledge and experience with securing Windows, UNIX, network operating systems, databases, virtual computing, and mobile devices
Strong IT system and application engineering background with experience in cloud computing, Windows desktop and server, Active Directory Group Policy, SQL, networking, and auditing
Experience with security testing, Risk Management Framework (RMF), information assurance tools, DoD STIG, and vulnerability assessment methodologies
CISSP is required. Candidates that do not current have a CISSP must be able to qualify and pass the certification within 6-9 months of hire.
Knowledge of information security engineering, design concepts and principles.
Knowledgeable with Systems Development Lifecycle (SDLC) methodologies and continuous monitoring activities
Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/reports) to all levels of management.
Demonstrated experience conducting information system security controls assessments (SCAs) and applying standard auditing techniques during system security controls assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient, and recommending remedial actions to the customer to ensure compliance
Demonstrated experience writing information system security documentation (SSPs, POA&Ms, Security Assessment Reports (SARs)).
Extensive knowledge and experience with information security standards, policies and practices - NIST (800-53 rev4), FISCAM, FISMA, DOD, DCID, FBI, etc.
Ability to research and address information security issues as required, being an authority on the subject.
Must be a team player with "can do" attitude. Must be able to work independently with initiative and innovation.
Well versed with using vulnerability assessment tools (NESSUS, AppDetective, AppScan, WebInspect, etc.) and analyzing the results generated from these assessments
Must have excellent written communication skills as the candidate's job will include written interaction with senior- level executives.
Desired Skills:
SPLUNK experience highly desired
Proven ability to multi-task and deliver on-time with the highest quality
Exceptional interpersonal and verbal communication skills, with the ability to collaborate well across teams and organizations.
Security Requirements:
Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Top secret clearance is required with the ability to get SCI.
Degrees:
See Qualifications
Skills:
Ability to handle stress and work well under pressure,Ability to use MS Office,Ability to use PC,Analytical and Critical Thinking Skills,Leadership Skills,Typing Skills 50 wpm
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.
About Mantech International Corporation
ManTech International Corporation provides technologies, consulting services and solutions for mission-critical national security programs.
Headquarters
Mantech International Corporation