Information System Security Officer (ISSO) - Military veterans preferred

2022-06-20
ManTech (www.mantech.com)
Other

/yr

  full-time   employee


Quantico
Virginia
22135
United States

Where applicable, confirmation that you meet customer requirements for facility access which may include proof of vaccination and/or attestation and testing, unless an accommodation has been approved.

Secure our Nation, Ignite your Future

ManTech is seeking a Information System Security Officer (ISSO) to join our MCIA team supporting our growing Marine Corps programs at Quantico, VA

ManTech International Corporation provides innovative engineering and systems integration services that help our customers solve their toughest, most intractable problems. National defense and homeland security clients depend on our rapid, cost-effective development of adaptable, interoperable, integrated solutions that provide high performance in quick-response scenarios.

This position requires an active DoD TS/SCI clearance

General Responsibilities:

  • Provides required oversight, guidance and support for ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, Network/Hardware/Software certification and accreditation, IA Policies and procedures, and network IA/Security tools.
  • Stay current with latest DoD, Navy, and Marine Corps IA doctrine
  • Prepare documentation such as Risk Assessment Report (RAR), System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&Ms) to ensure compliance with government security policies and procedures
  • Assess the performance of IA security controls within the IT infrastructure
  • Identify IA vulnerabilities resulting from a departure from approved procedures and plans and take appropriate corrective, mitigation, and recovery actions
  • Oversee that applicable patches are implemented, including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), technical advisories (TA), and OPDIRs
  • Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements
  • Perform system audits to assess security related factors within the IT infrastructure
  • Review response actions to security incidents
  • Maintain a repository for all system accreditation/certification documentation
  • Maintain a repository for all personnel required certifications
  • Should include the ability to identify and analyze security requirements to recommend upgrades, patches, new applications, necessary equipment, and technical support and guidance to users
  • Develops and drafts policies and procedures:
    • To ensure systems reliability and accessibility
    • Prevention and defense against unauthorized access to networks, systems and data
    • Creating and developing all required documentation for network, hardware and software certification and accreditation packages
    • Performing risk and vulnerability assessments of planned and installed systems
    • Conducting security evaluations, audits, and reviews
    • Developing contingency plans and disaster recovery procedures
    • Participating in network and systems design to ensure implementation of appropriate security policies and practices
    • Assisting in the gathering, analysis, and preservation of evidence related to security violations
    • Developing and implementing information security training programs to ensuring users understand and adhere to security policies and procedures
  • Assists with analysis of Customer/End User requirements for information technology networks, hardware and software applications. Then create the certification and accreditation package for the appropriate Authorizing Official.
  • Requires a strong working knowledge of Information Assurance (IA) security controls, security technical implementation guides (STIGS) requirements as identified by and applied in the DoD Risk Management Framework Certification and Accreditation (C&A) process.
  • Develops Network Security and Information Assurance documentation for all stages and aspects of the Hardware and Software development life cycles, including policies, processes, and procedures.
  • Under the guidance of the Organizational ISSM, organizes, coordinates, and facilitates C&A projects, Certification Requirement Reviews (CRR), participates in Technical Exchange Meetings (TEMs) and C&A working groups.
  • Assists Subject Matter Experts (SME) in developing validation test plans for adherence to RMF IA requirements and documenting test results.
  • Ability to work with various levels of technical and management staff.
  • Other duties as required

Mandatory Skills Requirements:

  • Shall meet DOD 8570 requirements for IAT II
  • TS/SCI clearance
  • Must be capable of independently completing all required system accreditation paperwork to obtain an Authority to Operate (ATO), Authority to Connect (ATC) or Interim Authority to Test (IATT)
  • Must be familiar with the Risk Management Framework (RFM) process
  • Responsible for ensuring the appropriate operational IA posture is maintained for a system or enclave
  • Support and assist in the development of system security packages based on current doctrine

Other Skills Preferred:  List in bulleted format

  • Knowledge of information security systems and applications for DoD projects
  • Knowledge of DoD 8510.01
  • Intelligence Community Directive (ICD) 503
  • Intelligence Community Information Technology Systems Security Risk Management
  • Certification and Accreditation
  • DoD Intelligence Information System (DoDIIS)-Joint Security Implementation Guide (DJSIG)
  • Other Emerging IA policies
  • Familiarity with Marine Corps Certification and Accreditation Support Tool (MCCAST)

Physical requirements:

Must be able to remain in a stationary position 50%

For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.