Information Systems Security Officer 2 (ISSO 2) - Military veterans preferred

2019-08-08
ManTech (www.mantech.com)
Other

/yr

  full-time   employee


Las Cruces
New Mexico
88001
United States

Secure our Nation, Ignite your Future

.

Entering ManTech’s 50th year, we hold the distinct honor of being named a “Top 100 Global Technology Company” by Thomson Reuters. We understand that in order to hold this distinct honor, we must provide our employees with the opportunity to break through barriers.  We reinvest in our employees through rich educational opportunities such as 100% paid tuition for qualifying Bachelor’s and Master’s degrees, rich training and certification programs allowing our employees to obtain industry best certifications, a variety of Communities of Practice (COPs) where employees can exchange knowledge and much more, along with a vast array of instruction and resources needed for personal and professional development through our very own ManTech University.  In addition to those amazing benefits, ManTech also has a fully dedicated Career Mobility team to provide you with guidance and assistance to continue to grow your career with ManTech.

Currently, ManTech is seeking a motivated, career and customer-oriented Information Systems Security Officer 2 (ISSO 2) to join our team in the Las Cruces, NM area to provide unparalleled support to our customers and to begin an exciting and rewarding career within ManTech.

Roles/Responsibilities:

  • The contractor shall manage the day-to-day system security including physical and environmental protection, incident handling, and information system security training and awareness.
  • The contractor shall support the Information System Owner to draft, develop, update, or maintain the system security plan (SSP), and other related documents, following the customers, IC, and DoD applicable policies, procedures, and templates.
  • The contractor shall support initial risk analysis and present results to the Information System Owner and PSO.
  • The contractor shall participate in assessment and integration, verification, and validation (IV&V) testing activities.
  • The contractor shall play an active role in continuous monitoring to include assessing the security impact of system changes, updating the SSP, managing and monitoring changes to the system, and disposal of the system in accordance with the customers, IC, and DoD security policies and practices, as outlined in the approved SSP.
  • The contractor shall formally notify the ISSM, PSO, and Information System Owner when changes occur that may affect accreditation authorization, thus initiating the re­ certification/re-accreditation process.
  • The contractor shall ensure all IS security-related documentation is current and accessible to properly authorized individuals.
  • The contractor shall maintain and update IT asset records in the Assessment Engine on behalf of the Information System Owner.
  • The contractor shall process information systems access requests, ensuring all users have the requisite SCI security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS.
  • The contractor shall report all security-related incidents to the ISSM and the cognizant PSO.
  • The contractor shall initiate, with the approval of the ISSM, protective or corrective measures when a security incident or vulnerability is discovered.
  • The contractor shall ensure configuration management (CM) for the security relevant IS software, hardware, and firmware is maintained and documented.
  • The contractor shall follow procedures developed by the ISSM, authorizing software, hardware, and firmware use before implementation on the system.
  • The contractor shall ensure system recovery processes are monitored to ensure that security features and procedures are properly restored.
  • The Contractor shall ensure system security requirements are addressed during all phases of the system life cycle.
  • The contractor shall ensure that security systems comply with appropriate assessment and authorization standards (e.g., ICD 503) by preparing and submitting relevant documentation to the customer.
  • The contractor shall be responsible for controlling, labeling, virus scanning, and appropriately transferring data (uploading/downloading) between various information systems as required.
  • The contractor shall perform requested uploads/downloads, virus scanning, and software updates for applicable information systems and local and wide area networks (LAN/WANs).
  • The contractor shall support comprehensive investigations into all related data spills and IT incidents at both government and contractor sites.
  • The contractor shall support information protection needs, system security requirements, system security architecture, and verify information protection effectiveness as related to mission requirements.
  • The contractor shall provide guidance on system security, assessment and authorization issues, and INFOSEC policy and security vulnerabilities.
  • The contractor shall provide security support to large conferences and other program activities.
  • The contractor shall provide advice and guidance to program personnel and Program Security Officers on all Information System (IS) security issues across all NRO activities.
  • The contractor shall support the Government POC in managing the acquisition, operation, storage, inventory, and disposition of all Communications Security (COMSEC) related material and equipment as required.
  • The contractor shall work security issues involving multiple Intelligence Community SCI Control Systems, DoD SAP/SAR activities, and SCI Special Handling programs.
  • The contractor shall provide appropriate security awareness and training to information system users.
  • The contractor shall coordinate activities with official designated representatives, chief information officers, senior agency information system security officers, information system and common control providers, and information system security officers.
  • The contractor shall maintain effective communications with the Information System Owner, AO or DAO, ISSE, SCA, ISSM, and PSO.
  • The contractor shall attend program technical exchange meetings, staff meetings, and program review milestone meetings, as directed.
  • The contractor shall monitor and track status of applicable patches including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), and technical advisories (TA) for the networks and operating system(s) under their purview.
  • The contractor shall review applicable audit logs for actions to include but not limited to security relevant events/activities, suspicious activity, baseline changes and notify the ISSM of any discrepancies.
  • The contractor shall write, review, and/or assess security documentation and plans (e.g., Operational Security (OPSEC) Plans, Program Protection Plans, Classification Guides, DD 254's, Contract Data Classification Worksheets) focusing on safety and security of personnel, assets, resources, and mission.

Requirements/Education:

  • Must possess a Bachelor’s degree from an accredited college/university and 3 years of experience or an Associate’s degree and 6 years of experience.
  • Must be IAT II certified.
  • Thorough understanding and application of network security principles, practices, and implementations.
  • Working knowledge of cross-functional integration of information systems into a physical security environment.
  • Working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
  • Understanding of system methodologies including but not limited to client server, web hosting, web content servers, policy servers, directory servers, firewalls, WAN, LAN, switches, and routers.
  • Familiarity with detecting and preventing computer security compromises in a networked environment.
  • Working knowledge of configuration management; system maintenance; and integration testing.
  • Proficient in the use of tools used to prevent and/or negate malicious code.
  • Understanding of COTS tools that scan at the physical layer of all removable and fixed media types including but not limited to: (CDs, hard drives, thumb drives, Zip/Jazz, etc.).
  • Ability to decipher and explain in clear language Intelligence Community Directive (ICD) 503.
  • Ability to support forensics and evidentiary preservation.
  • Ability to troubleshoot technical configurations and make recommendations on the protection of classified and sensitive data.
  • Demonstrated ability to translate technical information and information technology jargon into plain English.
  • Ability to apply a risk management philosophy when faced with security challenges and the ability to articulate the pro's and con's in a clear concise manner.
  • Demonstrated proficiency with the following computer operating systems (e.g. Microsoft Windows, LINUX, UNIX, Mac OS, etc.).
  • Analytical ability to decipher complex technical configuration management documents.
  • Demonstrated proficiency with database maintenance.
  • Strong ability to elicit, articulate, and document information in a well-organized manner.
  • Demonstrated ability to work independent of close supervision.
  • Demonstrated experience with Microsoft Office Suite.
  • Working knowledge of all applicable NRO, IC, DoD policies, procedures and operating instructions related to Information Technology, Information Assurance, Information Management   (IT/INIM).
  • Excellent communication, interpersonal, and team-building skills to engender rapport with the military personnel, civilians, and other contractors at all levels.
  • An ability to prioritize work to meet deadlines, and to manage the workflow of the ISSO team.
  • Demonstrated ability to correlate audit results between various systems and/or users and notify the ISSM of any discrepancies.

Clearance:

  • Must possess an active TS/SCI w/ a Counterintelligence Polygraph.

#LI-JS1

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.