ManTech is seeking an Information Systems Security Officer (ISSO) who will join a team of dedicated information technology specialists. The ISSO will partner with the Information Systems Security Manager to ensure that management, operational, and technical controls for securing either National Security Systems or Sensitive but Unclassified (SBU) level Information Systems are in place and followed. This includes ensuring the implementation of appropriate information security requirements for Information Technology (IT) systems throughout their life cycle, from the requirements definition phase through disposal. The ISSO shall possess effective interpersonal and presentation skills, as he/she will operate in a client-facing role. The ISSO must possess experience with the Risk Management Framework (RMF). The position requires experience with vulnerability scanning, analysis, and security control assessments. Candidates must be self-starters and be able to solve complex problems with minimal supervision.
Active TS/SCI clearance
Typically requires a Bachelor’s degree with a minimum of 6 years of related IT Systems Security experience; Master’s degree with a minimum of 4 years of related experience; or PhD with a minimum of 2 years of related experience.
Must possess one of the DoD-approved 8570 Baseline certifications for IAM Level I or plan to be certified within 6 months of hire date
Knowledge of the ICD 503 instructions and methods, Risk Management Framework (RMF) principles, NIST Special Publications including FIPS 199 & 200, and should have an understanding of the various IT system security essentials (to include: hardware, software system audits, overall Information Assurance (IA), access control systems and methodology, physical security and information security)
Must have hands-on experience and extensive knowledge preparing and updating documents such as: System Security Plans (SSPs), Contingency Plans (CPs), Risk Assessments Matrices (SRTMs), Business Continuity Plans (BCP), Business Impact Analysis (BIA), Security Impact Assessments (SIAs) for proposed System Configuration changes
Experience with DoD STIGs, CIS Benchmarks, Nessus, SCAP, or other related hardening and compliance assessment tools
Experience in screening and performing data transfers into protected environments along with declassifying data for release (Document Detective, Purifile, Cipher).
Knowledge of security best practices such as defense in depth, least privilege, need-to-know, separation of duties, access controls, encryption, etc.
Knowledge of Splunk or a similar audit review tool
o Industrial or Federal Government IT and cyber security
o System and Network administration of hybrid and mixed environments (Windows, Linux, Virtualization)
o COMSEC policies and procedures including certification and key management processes
o Reviewing architecture changes for security impacts and possible recertification
o Establishing standards for information systems procedures
Experience ensuring that hardware, software, and data are archived, sanitized, or disposed of in a manner consistent with system security plans and customer/program requirements
Advanced IT and IA concepts through formal security training, computer-based-training, and on-the-job training
Perform information system audit reviews in accordance with governing policies
Preferred CISSP or Security+ CE certification in good standing
Experience with Security Repository Tools such as Telos Xacta IA Manager or Trusted Agent FISMA (TAF)
Implement tools and techniques in support of Insider Threat Mitigation Program.
An understanding of compartmented programs
Application security, database security, and network security
Networking / Firewall Access Control
Promote Security Awareness Training & Education (to include different possible social engineering attack techniques)
Will be a member of the IT Directorate and will report to the IT Manager for Special Programs. The candidate will perform the following assigned tasks using established policies and procedures:
Serve as ISSO for multiple programs/sponsors and assist/provide backup for Program Information Systems Security Manager (ISSM)
Assist with design and requirements for information systems
Serve as a member of the Configuration Control Board to participate in all configuration management activities
Ensure system configuration guidelines are followed and monitored for compliance with Information Assurance (IA) requirements
Participate in risk assessments of information systems
Assist with the design of IA safeguards of the security support structure, to include IDS, firewalls, IPS, etc.
Assist in conducting tests of IA safeguards in accordance with test plans
Assist with or perform other IA tasks in conjunction with ISSM
Handle personal, confidential and Privacy Act information in a professional manner
Participate in the hardening of systems in a mixed Windows and Linux hybrid environment
Requires Bachelor’s degree or equivalent in Security Management and eight to ten years of experience or a related field.
Equivalent Experience/Education: Bachelor's Degree
Years of Experience: 08-10 years w/Bachelor's Degree; 05-07 years w/Master's Degree
ManTech International Corporation is comprised of approximately 7,300 talented employees who use advanced technology to help government and industry meet some of their greatest challenges around the world. We adhere to the simple, no-nonsense values on which ManTech was founded more than four decades ago, aligning squarely with the mission objectives of our customers. As our customer base continues to expand and diversify, we continue to diversify our workforce and solutions. Nearly half our employees have a military background, and approximately 70 percent hold a government security clearance. As a leading provider of innovative technology services and solutions for the nation's defense, security, health, space, and intelligence communities, we hold nearly 1,100 active contracts with more than 50 different government agencies.