Senior Information Systems Security Officer

MANTECH seeks a motivated, career and customer-oriented Senior Information Systems Security Officer (ISSO) to join our team in Fort Washington, MD. This is an onsite position.

The ideal candidate will have a deep understanding of implementing various security measures to protect an organization's computer systems and networks. This role requires a strong foundation in Linux engineering and containerization technologies, as well as proficiency in applying DISA Security Technical Implementation Guides (STIGs) and operating within applications and data. The successful candidate will have a proven track record of successfully designing and implementing security solutions in cloud environments and will be able to work collaboratively with other IT professionals to ensure the security of the organization's systems and data.

Responsibilities Include but are not limited to:

• Design, deploy, and manage security solutions (Scanning, IDS/IPS, NIDS/NIPS, SIEM) in a hybrid environment.
• Research and recommend technical solutions to various controls by understanding NIST 800-53 Risk Management Framework (RMF) and CNSSI 1253 & assist in developing policies, procedures and guidelines.
• Lead the effort in closing out Plan of Action & Milestones (POA&M) items that are associated with technology-related control items and findings.
• Responsible for implementing security solutions within container orchestration technologies such as Docker and Kubernetes.
• Conducting risk assessments and vulnerability assessments via implementing CI jobs to scan for various security defects such as SAST, DAST & container scanning.
• Apply DISA STIGs to ensure compliance with security standards and policies.

Minimum Qualifications:

• Bachelors Degree or equivalent experience
• 8 + years prior relevant experience or Master's Degree and 5 + years prior experience
• Solid understanding of Linux/Unix Administration.
• Experience with applying DISA STIGs with containerization and orchestration technologies, particularly Docker and Kubernetes.
• Proficient in one or more computer programming languages commonly used in scripting & automation. IE: Bash, Python, Go, Rust.
• Demonstrated experience in automating deployments and developing infrastructure as code (IaC).
• Possess and maintain relevant DoD 8570/8140 IAT level II Certification and one or more of the following certifications: AWS DevOps Professional, Certified Kubernetes Security Specialist, GIAC Cloud Security Automation (GCSA), Certified DevSecOps Professional (CDP).

Preferred Qualifications:

• Preferred candidate has a background in incident response and/or DevSecOps.
• Strong background in DevOps practices and tools, including Jenkins, Git, Ansible, and Terraform.
• Excellent problem-solving skills and the ability to work in a fast-paced, evolving environment.
• Effective communication skills, both written and verbal, with the ability to present technical information to a non-technical audience.

Security Clearance Requirements:

• Active TS/SCI clearance.
• Citizenship Required.

Physical Requirements:

• Must be able to remain in a stationary position 50% of the time.
• Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
• Frequently communicates with co-workers, management, and customers, which may involve delivering presentations.
• Must be able to exchange accurate information in these situations.