Stay current with latest DoD, Navy, and Marine Corps IA doctrine. Prepare documentation such as Risk Assessment Report (RAR), System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&Ms) to ensure compliance with government security policies and procedures. Assist the Government to generate and maintain security documentation for system hardware and software, to include System Security Plans, equipment lists, practices, and procedures. Assess the per... more details
Secure our Nation, Ignite your Future
ManTech is seeking a Security Control Accessor to support our Marine Corps Intelligence Activity contract on MCB Quantico
This role requires an active DoD TS/SCI clearance.
General Responsibilities:
- Stay current with latest DoD, Navy, and Marine Corps IA doctrine.
- Prepare documentation such as Risk Assessment Report (RAR), System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&Ms) to ensure compliance with government security policies and procedures.
- Assist the Government to generate and maintain security documentation for system hardware and software, to include System Security Plans, equipment lists, practices, and procedures.
- Assess the performance of IA security controls based on NIST 800-53A within the IT infrastructure.
- Identify IA vulnerabilities resulting from a departure from approved procedures and plans.
- Evaluate potential IA security risks and make recommendations regarding corrective, mitigation, and recovery actions.
- Oversee that applicable patches are implemented, including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), Intelligence Community Vulnerability alerts (ICVA), technical advisories (TA), and OPDIRs
- Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements.
- Perform system audits to assess security related factors within the IT infrastructure.
- Review response actions to security incidents
- Ensure associated entities are properly maintaining repositories for all system authorization documentation.
- Should include the ability to identify and analyze security requirements to recommend upgrades, patches, new applications, necessary equipment, and technical support and guidance to users.
- Participate in the Continuous Monitoring process
- Responsible for ensuring the appropriate operational IA posture is maintained for a system or enclave.
- Support and assist in the development of system security packages based on current doctrine.
- Participating in Self-Assessment of system security controls and results documented in SAR in preparation of Event.
- Reviewing data in Xacta package to prepare for assessment.
- Conducting Certification Assessment
- Reviewing Technical Assessment: (ACAS, SCAP, PPS Verification, STIGS)
- Completing a Security Assess Review for the event.
- Generating SCCM data elements, POA&M, SAR, and Risk Assessment Report (RAR) as required
- Publishing a POA&M report, NIST RA, NIST SCCM, SAR, SAR Table and Extensible Documents
- Importing data elements from the ATO letter into Xacta
- Documenting results/deliverable artifacts (results from the SCA audit, STIG Checklists, POA&Ms, reports, scans)
- Documentation uploaded into Xacta for accreditation review.
Mandatory Skills Requirements:
- Shall meet DOD 8570 requirements for IAM III
- TS/SCI clearance
- Bachelor’s Degree (+4 years’ experience), Associate’s Degree (+6 years’ experience), or High School Diploma (+8 years’ experience)
- Must be familiar with the Risk Management Framework (RMF) process and applicable guidance (NIST 800-53, NIST 800-37, CNSSI 1253, FIPS 199, ICD 503 etc.)
- Must be familiar with Certification Assessment and all respective events.
- Must be familiar with security controls and respective IT infrastructure and capable of correlating applicability, validating compliance/implementation, and working with engineers for mitigations.
- Experience with Tenable Security Center
Other Skills Preferred:
- Knowledge of information security systems and applications for DoD projects
- Knowledge of DoD 8510.01
- Risk Management Framework (RMF) Process
- Intelligence Community Directive (ICD) 503
- Intelligence Community Information Technology Systems Security Risk Management
- Other Emerging IA policies
Physical requirements:
Must be able to remain in a stationary position 50%
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.