Provides on-site administrative support and coordination to a complex contract, project or task(s). Maintains and tracks costs and performances on contract. Oversees the administrative and clerical functions of assigned contracts, projects, or tasks. Maintains office records and files. May collect time sheets and other personnel records or paperwork for corporate processing. Performs other duties as assigned, such as Human Resources, Facilities and Security functions. Requires Bachelors degree or equivalent and two to four years of related experience. ManTech is seeking a Sr. Information System Security Officer (ISSO) to support multiple federal agencies through the Continuous Diagnostic& Mitigation (CDM) Program. The CDM Program is a high-profile, high-visibility, cybersecurity modernization and risk management program where you can contribute innovative solutions and consult with many different federal agencies to enhance their Information Assurance (IA) programs and continuous monitoring capabilities.
Responsibilities will include:
Provide consulting to Agencies on Requests for Service for the design, development, and deployment of Ongoing Assessment, Ongoing Authorization, and other Information Assurance (IA) initiatives
Provide continuous monitoring to enforce client security policy and procedures and create processes that will provide increased visibility to system owners on impacts to the security posture of systems
Ensure system security measures comply with applicable government policies
Monitor configuration management changes and assess the impact of modifications and vulnerabilities for each system
Ensure that system security requirements are addressed throughout the project and system lifecycle
Ensure effective controls and processes are in place and working effectively to maintain a strong system security posture.
Perform vulnerability/risk assessment analyses to support Assessment & Authorization (A&A) activities
Develop, maintain, and facilitate the appropriate closure of POA&Ms and facilitate with the Agency-designated security Point of Contact (PoC)/ISSO any related remediation activities
Understand and monitor operations processes, including but not limited to, the Incident Response Process and Communications Process, to ensure that they are followed properly at Agencies for applicable CDM solutions and tools
Ensure the development, documentation, and presentation of IS security education, awareness, and training activities for users and others, as appropriate
Provide prompt feedback to CDM Project Management, Engineering and Operations personnel in a timely manner and provide ongoing education on security protocols and procedures
Qualifications and Education/Certification Requirements:
B.S. in Information Technology or Information Security desired
5+ years of experience in InfoSec specializing in NIST RMFDHS-specific experience highly desired
DoD 8570 approved baseline certification (s) (i.e., CISSP, CISM) preferred
Experience with DHS Ongoing Authorization Program Framework and use cases preferred
Experience with DHS Continuous Diagnostics and Mitigation(CDM) a plus
Experience with AWS Cloud, Azure Cloud, or Cloud implementations and environments
Extensive knowledge and experience with information security standards, policies and practices NIST SP 800-53 rev4, SP 800-37 rev2, FIPS-199, DHS 4300A.
Demonstrated experience writing information system security documentation (System Security Plans (SSP), Plans of Action and Milestones (POA&Ms), PTAs, PIAs, CMPs, CPs, and IRPs).
Experience using vulnerability assessment tools (NESSUS, AppDetective, etc.), analyzing and interpreting assessment results.
Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/reports)to all levels of management
Ability to research and address information security issues as required as an authority on the subject.
FedRAMP experience a plus
Strong understanding of infrastructure technologies and functionalities (e.g., firewalls, Windows/Linux servers, Active Directory (AD), Splunk, Solarwinds, CyberArk, etc.)
Must be a self-starter and have the ability to think outside of the box to design effective solutions
Must have excellent verbal and written communication skills as this position will interact with senior-level executives.
Must be a US citizen and pass a background investigation.
Able to obtain and maintain a DHS Suitability/Entry on Duty (EOD).
Active Secret or Top Secret clearance desired.
Apply now to have the opportunity to be considered for similar jobs at leading companies in the Seen network for FREE.
ManTech provides innovative technologies and solutions for mission-critical national security programs for the intelligence community.
Employee stock ownership program; tuition assistance; retail discount program (Barnes & Noble, Dell, Apple, Walt Disney World, Costco).
Phone screen with recruiter; phone screen with team lead; onsite interview; security clearance check. Average interview period: 2 weeks.
Zero stress and one profile that can connect you directly to 1000s of companies.
We’ll take it from there. After you tell us what you’re looking for, we’ll show you off to matches.
Boost your interview skills, map your tech career and seal the deal with 1:1 career coaching.
Join now and be seen.