ManTech International Corporation.
Job Duties and Responsibilities: Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions group. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.Currently, ManTech is seeking a motivated, career and customer oriented Jr ISSO to join our team in the Washington, DC area to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech.Responsibilities include, but are not limited to:
Ensure that assigned information systems are operated, maintained and disposed of in accordance with approved security policies and practices
Ensure that system security requirements are addressed during all phases of the IS lifecycle.
Developing and maintaining the SSPs and all other system security documentation, reviewing and updating them at least annually for all assigned systems
Author or coordinate the development of other required system security plans: Configuration management (CM), Contingency Plan (CP), Continuity of Operations (COOP), Disaster Recovery Plan (DR) and Incident Response Plan (IRP).
Support risk assessment and evolution activities throughout the system's lifecycle.
Implement a strategy for continuous monitoring for assigned systems including: Establishing system audit trails and ensuring their review, reporting all identified security findings and initiating the periodic review of security controls
Request or conduct required information system vulnerability scans in accordance to establish policy; Develop system POA&Ms in response to reported vulnerabilities
Ensure compliance with annual FISMA deliverables and reporting.
Investigate any information technology or system security incidents
Assesses and mitigates system security threats/risks throughout the program life cycle; determines/analyzes and decomposes security requirements at the level of detail that can be implemented and tested; reviews and monitors security designs in hardware, software, data, and procedures; performs system certification and accreditation planning and testing and liaison activities; supports secure systems operations and maintenance.
Perform security engineering analysis, risk and vulnerability assessment, etc.
Monitor and analyze security functional tests.
Prepare C&A documentation such as SSP, SCONOPS, ST&E reports, etc.
1 years of experience in InfoSec and B.S. in Information Technology or InfoSec required.
CERTs: Security required; CAP preferred.
Knowledge of information security engineering, design concepts and principles.
Knowledgeable with the Systems Development Lifecycle (SDLC) and continuous monitoring methodologies
Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/reports) to all levels of management.
Demonstrated experience conducting information system security controls assessments (SCAs) and applying standard auditing techniques during system security controls assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient, and recommending remedial actions to the customer to ensure compliance
Demonstrated experience writing information system security documentation (SSPs, POA&Ms, PTAs, PIAs, CMPs, CPs and IRPs).
Extensive knowledge and experience with information security standards, policies and practices - NIST (800-53 rev4), FISCAM , FISMA, DOD, DCID, FBI, etc.
Ability to research and address information security issues as required, being an authority on the subject.
Must be a team player with \can do\ attitude. Must be able to work independently with initiative and innovation.
Well versed with using vulnerability assessment tools (NESSUS, AppDetective, etc.) and analyzing the reports generated from these assessments
Proven ability to multi-task and deliver on-time with the highest quality.
Strong verbal and written communication skills are highly preferred.\u00a0
It is highly desired that candidates possess strong interpersonal skills.\u00a0
Candidates must be fluent in the English language.\u00a0
Security Requirements:Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Top Secret clearance is required w/ the ability to get SCI.
ManTech International Corporation.
Website : http://www.mantech.com/
ManTech International Corporation provides technologies and solutions for mission-critical national security programs in the United States and internationally. It offers cyber warfare and cyber defense security solutions and services, such as identifying and neutralizing external cyber attacks; engineering tailored defensive security solutions and controls; managing security operations centers; developing robust insider threat detection programs; and creating enterprise vulnerability management programs. The company also provides information technology (IT) modernization and sustainment services that designs, develops, deploys, modernizes, operates, and maintains IT systems and infrastructure; intelligence/counterintelligence solutions and support; systems engineering; and healthcare analytics, and IT solutions that encompasses health information sharing and clinical analytic solutions. ManTech International Corporation serves the United States federal government intelligence, military, space, civilian agencies, state and local governments, and commercial customers. The company was founded in 1968 and is based in Fairfax, Virginia.