Sr. Assessment & Authorization Analyst - Military veterans preferred

2018-12-16
ManTech (www.mantech.com)
Other

/yr

  full-time   employee   contract


Washington

United States

Entering ManTech’s 50th year, we hold the distinct honor of being named a “Top 100 Global Technology Company” by Thomson Reuters. We have earned this and many other accolades over the years for our dedication to serving the missions of our nation’s most important customers: U.S. Intelligence, Defense and Federal Civilian agencies. All know us as a trusted partner offering best-in-class solutions in cyber, data collection & analytics, enterprise IT, and systems and software engineering tailored to meet their specific requirements.

Become an integral part of a diverse team in the Mission, Cyber and Intelligence Solutions (MCIS) Group. Currently, ManTech is seeking a motivated, mission oriented Senior Assessment & Authorization Analyst in Washington DC area, with strong Customer relationships. At ManTech, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

The FSS Division provides cyber solutions to a wide range of Defense and Intelligence Community customers. This division consists of a team of technical leaders that deliver advanced technical solutions to government organizations. Our customers have high standards, are technically adept, and use our products daily to support their mission of protecting national security. Our contributions to our customer’s success is driving our growth.

Role and Responsibilities:

• Provide technical oversight to the customer Information Security Compliance Program to ensure
all software systems are implemented according to customer information security policies and
technical guidelines.
• Conduct in-depth technical security reviews, risk assessments, and architecture reviews during
all phases of the system development life cycle and provide recommendations for
improvements.
• Provide technical writing support and guidance to system owners in the development, and
technical review of System Security Plans (SSPs), which document system technical and
procedural security features.
• Provide technical support for responding to and implementing Office of Inspector General and
Internal Controls/Internal Audit recommendations.
• Provide technical guidance in the development and revision of customer information security
policies.
• Review and enforce compliance with established policies and procedures. Ensure the rigorous
application of information security principles and practices in the delivery of all IT services.
• Analyze network security environment and user requirements with current security regulations
and guidelines to determine security functional requirements.
• Develop enterprise risk analysis strategy to support the customer network infrastructure, major
applications, and desktop systems.
• Develop, conduct, and prepare reports for security audits, reviews and other actions, as
appropriate.
• Interact with product designers and developers to analyze security features of products,
research and correct failures, identify security improvements or enhancement capabilities, and
recommend modifications.
• Perform other duties as required.
• Demonstrated experience with the library of NIST’s Special Publication (SP) documents. This
includes, but is not limited to, NIST SP 800-37 Revision 1, Guide for Applying the Risk
Management Framework to Federal Information Systems and NIST SP 800-53 Revision 4,
Security and Privacy Controls for Federal Information Systems and Organizations.
• Demonstrated experience in conducting technical risk assessments of applications, and
analyzing and mitigating system vulnerabilities.
• Demonstrated expertise in evaluating web-based applications, databases, and off-the-shelf
systems for security vulnerabilities and implementing realistic mitigating strategies.
• Experience preparing system security accreditation and authorization artifacts for Federal
systems audited against FISMA standards.
• Experience in interpreting and implementing information security policies and procedures.
• Solid understanding of current technologies, to include Oracle, SQL Server, and Drupal.
• Ability to communicate effectively, both orally and in writing, with information technology professionals, and technical and non-technical users.
• Ability to effectively coordinate and manage multiple tasks (e.g., assessments) simultaneously
to ensure that scheduled goals are met. Advertisement