Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions group. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.
Currently, ManTech is seeking a motivated, career and customer oriented Cyber Security Program Manager with significant, senior-level ISSO/A&A experience to join our team in the Washington, D.C. area to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech.
Responsibilities include, but are not limited to:
Report to the ManTech Sr. Executive Director and serves as the ManTech Program Manager supporting all areas of customer delivery, reporting and personnel management
Oversee a team of approx. 40 FTEs that includes 3 Team Leads and a Deputy Program Manager
Build and maintain influential relationships with the client and the client’s key personnel
Perform annual and ongoing performance management as required, including setting goals and objectives, performance evaluations, disciplinary actions, etc.
Actively participate in the recruiting process to ensure the appropriate placement of personnel to most effectively support a variety of customers
Support corporate functions (time reporting, policies, training, etc.) to ensure the team addresses any requirements in a timely and complete manner
Support and promote growth of new task orders to include proposal support as required
Serve as the Strategic Advisor to our client (s) and is involved in every aspect of strategic planning efforts, new FBI IT/IS efforts, system assessments, resource modeling, project schedule development, reporting, etc.
Work in partnership with client leadership to develop and implement project plans and facilitate strategic planning efforts
Provide leadership by mentoring and providing direction to teams leads and more junior-level team members
Effectively deploy a variety of data-driven strategic thinking/planning/metrics tools to support the Office of Security Operations (OSO), agency stakeholders, agency objectives and organizational and FISMA/IA performance measurement
Responsible for leading the client’s Special Projects and providing direction and guidance to the Special Projects task leads
Develop, recommend, and implement the client’s strategic security plans
Develop and implement a strategy for continuous monitoring of client supported systems, e.g., establishing system audit trails and ensuring their review, reporting all identified security findings and initiating the periodic review of security controls, leveraging continuous monitoring/CDM tools, etc.
Assess and mitigate system security threats/risks throughout the program life cycle; determine/analyze and delineate security requirements at a level of detail that can be implemented and tested; review and monitor security designs in hardware, software, data, and procedures; perform system security authorization (SA)/certification and accreditation (C&A) planning and testing and liaison activities; support secure systems operations and maintenance
Ensure that assigned information systems are operated, maintained and disposed of in accordance with approved security policies and practices to maintain an effective and appropriate security posture
Ensure that system security requirements are addressed during all phases of the IS lifecycle
Develop and maintain SCA/A&A documentation, including SSPs, SCONOPS, SCA/ST&E reports and other system security documentation; Conduct reviews and updates security documentation, e.g. review and update the SSP, at least, annually for all assigned systems and when significant changes occur
Author or coordinate the development of other required system security documentation: Configuration management (CM), Contingency Plan (CP), Continuity of Operations (COOP), Disaster Recovery Plan (DR) and Incident Response Plan (IRP)
Support risk assessment and evaluation activities throughout the system's lifecycle
Request or conduct required information system vulnerability scans in accordance to establish policy; Develop system POA&Ms in response to reported vulnerabilities
Ensure compliance with annual FISMA deliverables and reporting
Investigate any information technology or system security incidents
Perform security engineering analyses, risk and vulnerability assessments, etc. Monitor security assessment efforts and analyze assessment test results.
Conduct research on new technology and identify security vulnerabilities
Develop reporting that captures all security activities by the team that will enable the production of timely, detailed, and accurate security status of OSO-supported systems and related information
Requires Bachelor’s degree or equivalent, and twelve to fifteen years of related technical and cyber security experience including management experience.
Leadership experience required; experience managing teams of 30 or more personnel strongly desired
CISSP and PMP are required
Demonstrated experience with developing and executing long term vision/strategy and growing cyber organizations and/or capabilities
Demonstrated experience developing and managing project schedules
Ability to research and address information security issues as required, being an authority on the subject
Extensive knowledge and experience with information security standards, policies and practices - NIST (800-53 rev4), FISCAM, FISMA, A-123, DOD, DCID, FBI, etc.
Knowledge of information security engineering, design concepts and principles
Knowledgeable with Systems Development Lifecycle (SDLC) methodologies and continuous monitoring activities
Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/reports) to all levels of management
Strong presentation skills with finesse in communicating to senior-level executives
Demonstrated experience conducting information system security controls assessments (SCAs) and applying standard auditing techniques during system security controls assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient, and recommending remedial actions to the customer to ensure compliance
Demonstrated experience writing information system security documentation (SSPs, POA&Ms, PTAs, PIAs, CMPs, CPs and IRPs)
Must be a team player with "can do" attitude. Must be able to work independently with initiative and innovation
Well versed with vulnerability assessment tools (NESSUS, AppDetective, etc.) and analyzing the results generated from these assessments
Proven and effective ability to multi-task and deliver on-time with the highest quality
Exceptional interpersonal, verbal, and written communication skills, with the ability to collaborate well across teams and organizations, including interactions with senior-level executives.
Candidates must be fluent in the English language
Security Requirements: APPLICANTS SELECTED WILL BE SUBJECT TO A GOVERNMENT SECURITY INVESTIGATION AND MUST MEET ELIGIBILITY REQUIREMENTS FOR ACCESS TO CLASSIFIED INFORMATION. TOP SECRET CLEARANCE IS REQUIRED WITH THE ABILITY TO GET SCI.