ManTech International Corporation
Information System Security Officer (ISSO)
ManTech International Corporation, Quantico, Virginia, United States, 22134
Description & Requirements
ManTech is seeking an Information System Security Officers in support of a government contract for wargaming in Quantico, Va.
Responsibilities include but are not limited to: Provides required oversight, guidance and support for ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, Network/Hardware/Software certification and accreditation, IA Policies and procedures, and network IA/Security tools. Stay current with latest DoD, Navy, and Marine Corps IA doctrine Prepare documentation such as Risk Assessment Report (RAR), System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&Ms) to ensure compliance with government security policies and procedures Assess the performance of IA security controls within the IT infrastructure Identify IA vulnerabilities resulting from a departure from approved procedures and plans and take appropriate corrective, mitigation, and recovery actions Oversee that applicable patches are implemented, including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), technical advisories (TA), and OPDIRs Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements Perform system audits to assess security related factors within the IT infrastructure Review response actions to security incidents Maintain a repository for all system accreditation/certification documentation Maintain a repository for all personnel required certifications Should include the ability to identify and analyze security requirements to recommend upgrades, patches, new applications, necessary equipment, and technical support and guidance to users Develops and drafts policies and procedures: To ensure systems reliability and accessibility Prevention and defense against unauthorized access to networks, systems and data Creating and developing all required documentation for network, hardware and software certification and accreditation packages Performing risk and vulnerability assessments of planned and installed systems Conducting security evaluations, audits, and reviews Developing contingency plans and disaster recovery procedures Participating in network and systems design to ensure implementation of appropriate security policies and practices Assisting in the gathering, analysis, and preservation of evidence related to security violations Developing and implementing information security training programs to ensuring users understand and adhere to security policies and procedures Assists with analysis of Customer/End User requirements for information technology networks, hardware and software applications. Then create the certification and accreditation package for the appropriate Authorizing Official. Requires a strong working knowledge of Information Assurance (IA) security controls, security technical implementation guides (STIGS) requirements as identified by and applied in the DoD Risk Management Framework Certification and Accreditation (C&A) process. Develops Network Security and Information Assurance documentation for all stages and aspects of the Hardware and Software development life cycles, including policies, processes, and procedures. Under the guidance of the Organizational ISSM, organizes, coordinates, and facilitates C&A projects, Certification Requirement Reviews (CRR), participates in Technical Exchange Meetings (TEMs) and C&A working groups. Assists Subject Matter Experts (SME) in developing validation test plans for adherence to RMF IA requirements and documenting test results. Ability to work with various levels of technical and management staff. Other duties as required Minimum Qualifications:
Bachelor's degree and at least 4 years' experience.A total of 8 years' experience without a degree Shall meet DOD 8570 requirements for IAT II Must be capable of independently completing all required system accreditation paperwork to obtain an Authority to Operate (ATO), Authority to Connect (ATC) or Interim Authority to Test (IATT) Must be familiar with the Risk Management Framework (RFM) process Responsible for ensuring the appropriate operational IA posture is maintained for a system or enclave Support and assist in the development of system security packages based on current doctrine Preferred Qualifications:
Knowledge of information security systems and applications for DoD projects Knowledge of DoD 8510.01 Intelligence Community Directive (ICD) 503 Intelligence Community Information Technology Systems Security Risk Management Certification and Accreditation DoD Intelligence Information System (DoDIIS)-Joint Security Implementation Guide (DJSIG) Other Emerging IA policies Familiarity with Marine Corps Certification and Accreditation Support Tool (MCCAST) Clearance Requirements
:
Current DOD Secret clearance, with ability to acquire TS/SCI Physical Requirements:
Must be able to remain in a stationary position 50%
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at careers@mantech.com and provide your name and contact information.
ManTech is seeking an Information System Security Officers in support of a government contract for wargaming in Quantico, Va.
Responsibilities include but are not limited to: Provides required oversight, guidance and support for ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, Network/Hardware/Software certification and accreditation, IA Policies and procedures, and network IA/Security tools. Stay current with latest DoD, Navy, and Marine Corps IA doctrine Prepare documentation such as Risk Assessment Report (RAR), System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&Ms) to ensure compliance with government security policies and procedures Assess the performance of IA security controls within the IT infrastructure Identify IA vulnerabilities resulting from a departure from approved procedures and plans and take appropriate corrective, mitigation, and recovery actions Oversee that applicable patches are implemented, including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), technical advisories (TA), and OPDIRs Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements Perform system audits to assess security related factors within the IT infrastructure Review response actions to security incidents Maintain a repository for all system accreditation/certification documentation Maintain a repository for all personnel required certifications Should include the ability to identify and analyze security requirements to recommend upgrades, patches, new applications, necessary equipment, and technical support and guidance to users Develops and drafts policies and procedures: To ensure systems reliability and accessibility Prevention and defense against unauthorized access to networks, systems and data Creating and developing all required documentation for network, hardware and software certification and accreditation packages Performing risk and vulnerability assessments of planned and installed systems Conducting security evaluations, audits, and reviews Developing contingency plans and disaster recovery procedures Participating in network and systems design to ensure implementation of appropriate security policies and practices Assisting in the gathering, analysis, and preservation of evidence related to security violations Developing and implementing information security training programs to ensuring users understand and adhere to security policies and procedures Assists with analysis of Customer/End User requirements for information technology networks, hardware and software applications. Then create the certification and accreditation package for the appropriate Authorizing Official. Requires a strong working knowledge of Information Assurance (IA) security controls, security technical implementation guides (STIGS) requirements as identified by and applied in the DoD Risk Management Framework Certification and Accreditation (C&A) process. Develops Network Security and Information Assurance documentation for all stages and aspects of the Hardware and Software development life cycles, including policies, processes, and procedures. Under the guidance of the Organizational ISSM, organizes, coordinates, and facilitates C&A projects, Certification Requirement Reviews (CRR), participates in Technical Exchange Meetings (TEMs) and C&A working groups. Assists Subject Matter Experts (SME) in developing validation test plans for adherence to RMF IA requirements and documenting test results. Ability to work with various levels of technical and management staff. Other duties as required Minimum Qualifications:
Bachelor's degree and at least 4 years' experience.A total of 8 years' experience without a degree Shall meet DOD 8570 requirements for IAT II Must be capable of independently completing all required system accreditation paperwork to obtain an Authority to Operate (ATO), Authority to Connect (ATC) or Interim Authority to Test (IATT) Must be familiar with the Risk Management Framework (RFM) process Responsible for ensuring the appropriate operational IA posture is maintained for a system or enclave Support and assist in the development of system security packages based on current doctrine Preferred Qualifications:
Knowledge of information security systems and applications for DoD projects Knowledge of DoD 8510.01 Intelligence Community Directive (ICD) 503 Intelligence Community Information Technology Systems Security Risk Management Certification and Accreditation DoD Intelligence Information System (DoDIIS)-Joint Security Implementation Guide (DJSIG) Other Emerging IA policies Familiarity with Marine Corps Certification and Accreditation Support Tool (MCCAST) Clearance Requirements
:
Current DOD Secret clearance, with ability to acquire TS/SCI Physical Requirements:
Must be able to remain in a stationary position 50%
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at careers@mantech.com and provide your name and contact information.