At ManTech International Corporation, you will help protect our national Security while working on innovative projects that offer opportunities for advancement.
ManTech is looking for a self-motivated and customer-oriented Information Security Engineer in support of a secure Windows/Linux based Information System. The Information Security Engineer will support the audit, accreditation, and mitigation effort of the Information System.
Experience with Security Content Automation Protocol (SCAP) Compliance Checker
Experience with Splunk or other Security Information and Event Management (SIEM)
Experience with Windows Event Log Management and Auditing
Experience with Vulnerability Mitigation
Experience with Assured Compliance Assessment Solution (ACAS)
Knowledge of Risk Management Framework (RMF) Security controls
Review and recommend INFOSEC solutions to customer problems based on an understanding of products/systems test results
Conduct systems Security analysis and implementation, system engineering, design assurance, testing, software engineering, program design, configuration management, integration and testing of INFOSEC products and techniques
Ensures INFOSEC solutions are based on a firm understanding of government/industry policy, practices, procedures, and customer requirements
Review and update Information Security documentation, POAM, Scans, STIGs, SSAA, SRTM, etc.
Ensure all Information systems are functional and secure in operations and adhere to IA policy, procedures and structure to develop, implement, and maintain a secure Information system.
Develop, implement, and integrate Information Security standards and procedures through the IA process as required.
Write comprehensive Security analysis reports including assessment-based findings, outcomes and enter this data into Enterprise Mission Assurance Support Services (eMASS) for evaluation by Authorizing Officials to support the receipt of an Authority to Operate (ATO) for the systems
Describe, test and validate Security measures active on Security infrastructure devices for the protection of computer systems, networks and Information systems
Determine Security violations and inefficiencies through Security tests, evaluations and audits
Recommend improvements by assessing current Security implementations and anticipating new Security requirements
Maintain system Security by implementing and maintaining Security controls consistent with Federal Risk and Authorization Program (FedRAMP)