Sr. ISSE (94490BR)

  • ManTech International
  • 02/26/2018

Job Description

USA, DISTRICT OF COLUMBIA, Washington Full-Time Security Clearance: TS/SCI Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions group. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement. Currently, ManTech is seeking a motivated, career and customer oriented Sr. Information Systems Security Engineer (ISSE) to join our team in the Washington, DC area to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech. Responsibilities include, but are not limited to: 1. Defines, plans, designs, and evaluates information security systems and architecture 2. Performs requirements analysis, design, and integration for complex software applications and collaboration infrastructures 3. Writes implementation and design documents describing how security features are implemented 4. Serves as the lead technical subject matter (SME) on cyber/systems security matters 5. Employs best practices and lessons learned when implementing security including software engineering methodologies, system/security engineering principles, secure design, and secure architecture 6. Provides system security engineering support in designing and integrating automated information systems auditing capabilities 7. Conduct security control testing and reporting in accordance with the Risk Management Framework (RMF) and NIST 800-53; identifies deficiencies (POA&M) and provides recommendations for solutions 8. Implements a strategy for continuous monitoring for assigned systems including: Establishing system audit trails and ensuring their review, reporting all identified security findings and initiating the periodic review of security controls 9. Ensure that ISs are operated, maintained, and disposed of in accordance with approved security policies and practices 10. Develops, implements, and enforces information systems security policies. 11. Ensures that system security requirements are addressed during all phases of the IS lifecycle 12. Ensures implementation of a Configuration Management Plan (CMP) for software, hardware, and firmware is documented and maintained, and serve as a member of the Configuration Management Board, with Information System Security Manager (ISSM) and System Owner concurrence. 13. Support risk assessment and evaluation activities throughout the Security Assessment and Authorization (SAA) process 14. Initiate, with ISSM or CSO approval, protective and corrective measures when a security incident or vulnerability is discovered. Monitor IS recovery processes and ensure proper restoration of IS security features 15. Advises the System Owners regarding security considerations in the various applications 16. Serves as a resource for users concerning security questions regarding assigned systems and applications 17. Research and maintains knowledge of Information Assurance (IA) policies and practices, seeking clarification from the ISSM or higher authority when needed, and disseminates these to users Position Requirements: 1. Requires Bachelor’s degree or equivalent in the fields of mathematics, telecommunications, electrical engineering, computer engineering, or computer science or IT-related field and 10-12 years related experience; or Master’s degree with 7-9 years of experience 2. Requires expert technical knowledge in security engineering and IT systems engineering 3. Must possess excellent analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy 4. Knowledge and experience with securing Windows, UNIX, network operating systems, databases, virtual computing, and mobile devices 5. Strong IT system and application engineering background with experience in cloud computing, Windows desktop and server, Active Directory Group Policy, SQL, networking, and auditing 6. Experience with security testing, Risk Management Framework (RMF), information assurance tools, DoD STIG, and vulnerability assessment methodologies 7. CISSP is required. Candidates that do not current have a CISSP must be able to qualify and pass the certification within 6-9 months of hire. 8. SPLUNK experience highly desired 9. Knowledge of information security engineering, design concepts and principles. 10. Knowledgable with Systems Development Lifecycle (SDLC) methodologies and continuous monitoring activities 11. Extensive experience analyzing information technology and system risk in complex environments and articulating results (verbal/reports) to all levels of management. 12. Demonstrated experience conducting information system security controls assessments (SCAs) and applying standard auditing techniques during system security controls assessments, including the proper interpretation of the control requirements, determining if the artifacts provided are sufficient, and recommending remedial actions to the customer to ensure compliance 13. Demonstated experience writing information system security documentation (SSPs, POA&Ms, Security Assessment Reports (SARs)). 14. Extensive knowledge and experience with information security standards, policies and practices - NIST (800-53 rev4), FISCAM , FISMA, DOD, DCID, FBI, etc. 15. Ability to research and address information security issues as required, being an authority on the subject. 16. Must be a team player with "can do" attitude. Must be able to work independently with initiative and innovation. 17. Well versed with using vulnerability assessment tools (NESSUS, AppDetective, AppScan, WebInspect, etc.) and analyzing the results generated from these assessments 18. Proven ability to multi-task and deliver on-time with the highest quality 19. Exceptional interpersonal, verbal, and written communication skills, with the ability to collaborate well across teams and organizations, including interactions with senior-level executives. Candidates must be fluent in the English language. Security Requirements: APPLICANTS SELECTED WILL BE SUBJECT TO A GOVERNMENT SECURITY INVESTIGATION AND MUST MEET ELIGIBILITY REQUIREMENTS FOR ACCESS TO CLASSIFIED INFORMATION. TOP SECRET CLEARANCE IS REQUIRED WITH THE ABILITY TO GET SCI See Qualifications / Requires Bachelor¿s degree or equivalent and ten to twelve years of related experience. Minimum of four years experience in technology/tools specific to the target platforms. ManTech International Corporation is comprised of approximately 7,300 talented employees who use advanced technology to help government and industry meet some of their greatest challenges around the world. We adhere to the simple, no-nonsense values on which ManTech was founded more than four decades ago, aligning squarely with the mission objectives of our customers. As our customer base continues to expand and diversify, we continue to diversify our workforce and solutions. Nearly half our employees have a military background, and approximately 70 percent hold a government security clearance. As a leading provider of innovative technology services and solutions for the nation's defense, security, health, space, and intelligence communities; we hold nearly 1,100 active contracts with more than 50 different government agencies. JBManTech ICJBMeta