Information Security Project Manager - Military veterans preferred
2018-11-17 ManTech (www.mantech.com)
Bethesda Maryland United States
Lead team to support the capability to assess up to five (5) individual systems simultaneously per federal government schedule.
Build and manage a team that provides the subject matter expertise and proficiency using tools for security assessments, including but not limited to Nessus, WebInspect, DB Protect, Fortify, Appscan, Nipper, Burp Suite Pro, WebSphere, ActiveState Perl, Aquafold, SoapUI Pro, Ultraedit, SNSScan, SolarWinds Engineer’s Toolset, Fortify and/or other as required.
Develop and provide all documentation necessary for performing a Security Control Assessment, as well as ad hoc system specific documentation as specified by the government Ensure that system access required for testing is acquired at least 30 days prior to Security Assessment start date and remains for at least 6 months post-assessment to accommodate any additional follow-on testing.
Be proficient at testing, analyzing and interpreting Security Assessment Results for all systems, including but not limited to the following platforms:
Microsoft Server 2003/2008/Other
Microsoft SQL Server
Oracle DBWindows XP, 7
Manage a team to successfully conduct Security Control Assessments for each USCIS system as part of the Security Authorization Process Provide a comprehensive Document review (DR) of all SAP artifacts to support the SCA.
Create a POA&M table for each system in preparation for the Authorization to Operate within two days of the SAR being accepted by the federal government. The POA&M Table shall be written to meet a quality standard ensuring they are approved by the federal government after only one round of comments.
Ensure technical review of ISSO-provided artifacts or ad-hoc scans to accommodate POA&M closures and closure of all USCIS POA&Ms.
Familiarity with establishing mailboxes and report tracking mechanisms to ensure that the federal staff knows where all POA&Ms are in the POA&M management process at all times by running a simple report.
Prepare, manage and coordinate all USCIS Interconnection Security Agreements (ISAs) in coordination with any/all external organizations necessary to obtain ISA concurrence signatures; consistent with NIST SP 800-47 Security Guide for Interconnecting Information Technology System series guidance, and establish a real-time database of all ISAs.
Excellent critical-thinking and problem-solving skills.
Ability to clearly and concisely provide project status updates to senior management.
Strong ability to operate as member of a multi-functional team.
Ability to multi-task and keep track of work.
Must have self-motivation and initiative to tackle large problems from start to finish.
Must have excellent time management skills to work in a fast-paced professional environment.
Must have the ability to design solutions that are not cookie cutter.
Must have project management and time management skills.
Must be able to work independently and within a matrixed organization.
Ability to follow directions from management.
Availability to work outside of normal business hours to support a production network.
Must be available to be on call many weeks throughout the year.
Must have excellent team work and collaborations skills.
Ability to maintain composure in a fast paced, high stress, demanding environment.
Experience operating in a DevOps environment for at least 12 months preferred.
Demonstrated ability to manage complex tasks and teams.
Project Management Institute (PMI) certification required.
Certified Information System Security Professional (CISSP) certification required.
Provide superior customer service; possess strong communication (verbal and written) and interpersonal skills in a dynamic environment.
Education – Typically requires B.S. degree in computer science, systems engineering, or electrical engineering, or industry equivalent experience required, and minimum of 5 years of related experience in information security. Minimum 10 years of IT project management experience; minimum eight years’ experience specialized in enterprise IT services.
Clearance Requirements – US Citizen with the ability to obtain Public Trust and complete DHS Security Clearance; Ability to obtain DHS EOD suitability or Current DHS EOD preferred.