Mantech

ManTech seeks a motivated, career and customer-oriented Information System Security Officer (ISSO) to join our team in Huntsville, AL.

Responsibilities include, but are not limited to:

• Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for networks, systems, tools and environments.

• Ensure that selected security controls are implemented and operating as intended during all phases of the network, system, tool lifecycle and ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis

• Complete all documentation for an ATO package such as but not limited to System Security Plan (SSP), security requirements traceability matrix (SRTM), incident response plan (IRP), etc.

• Conduct required vulnerability scans according to risk assessment parameters

• Develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities while managing the risks to systems and other assets by coordinating appropriate correction or mitigation actions, and oversee and track the timely completion of (POAMs)

• Monitor security controls for systems to maintain security Authorized to Operate (ATO) and coordinate system owner concurrence for correction or mitigation actions

• Upload all security control evidence to the customer’s Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase

• Ensure that changes to a system or network, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM)

Minimum Qualifications:

• 8 + years of IT experience with 5+ years serving as an Information Systems Security Officer (ISSO) in the Federal Government.

• Demonstrated experience with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications

• In depth experience with NIST 800 series publications and Federal Information Security Management Act (FISMA) compliance

Hold at least one of the following certifications:

• Certified Information Systems Security Professional (CISSP)

• Global Information Security Professional (GISP)

• CompTIA Advanced Security Practitioner (CASP)

• or other certifications as described in DoD Instruction 8570.1 Information Assurance Management (IAM) Level III

Preferred Qualifications:

• A bachelor's or advanced degree in Computer Science, Cybersecurity, or other cyber discipline is preferred

• Experience with GRC tools such as Xacta, RiskVision and/or JCAM

Clearance Requirement:

• Must have an active Top Secret with the ability to obtain SCI eligibility prior to starting this position.

Physical Requirements:

• Must be able to remain in a stationary position 50%

• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer

• The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.