Draft, review, and update Risk Management Framework (RMF) artifacts required for FISMA Compliance - Coordinate with Operations and Maintenance (O&M) teams to drive compliance with Security Controls and requirements. Work with System Owners and controls assessors to draft achievable Plans of Actions & Milestones (POA&Ms) to remediate findings. Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Monitor and report on POA&M remediation activ... more details
Secure our Nation, Ignite your Future
Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International Corporation, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement.
Currently, ManTech is seeking a Cloud ISSO to join our team in the Lorton Location.
Responsibilities include, but are not limited to:
- Draft, review, and update Risk Management Framework (RMF) artifacts required for FISMA Compliance • Coordinate with Operations and Maintenance (O&M) teams to drive compliance with Security Controls and requirements
- Work with System Owners and controls assessors to draft achievable Plans of Actions & Milestones (POA&Ms) to remediate findings
- Conduct periodic reviews of information systems to ensure compliance with the security authorization package
- Monitor and report on POA&M remediation activities
- Serve as a Point of Contact (POC) for cyber security questions
- Advise System Owners on cyber security best practices
- Provide clarification on cyber security policies and regulations
- Coordinate with Information System Security Managers (ISSMs) and Operations and Maintenance (O&M) teams in support of account approvals
- Coordinate with O&M and Identity Credentials & Access Management (ICAM) teams to manage user authentication and management
- Coordinate with Security Engineering and O&M teams to identify and document system asset data
- Coordination with security and O&M teams to report and mitigate vulnerabilities
- Support the creation and updating of Security Awareness Training content
- Coordinate with the Security Operations Center, Incident Response teams, and Federal staff to report Security Incidents and violations
Basic Qualifications:
- Bachelor’s degree or six years of industry related experience may be substituted for a degree.
- Minimum of 5 years’ experience in cyber security analysis, engineering, incident response, or related IA/Security experience.
- DoD 8570 IAT Level 2 or Higher certification upon start
- 2-3 years of experience supporting secure operations of Cloud computing systems subject to FISMA
- Strong understanding of the Risk Management Framework
- Experience working with Enterprise vulnerability management tools such as but not limited to: HBSS and Nessus.
- Experience working in small teams with increasing responsibility.
Preferred Qualifications:
- Azure AZ-900, Cloud+, CCSP or AWS Cloud Practitioner certification(s)
- Experience in one or more of the following: Joint SAP Implementation Guide, NIST 800- 53, FedRAMP, FISMA, Attribute-based Access Control schemes
- Experience with Azure Sentinel or other SIEM systems
- Experience with query or scripting languages.
Security Clearance:
Preferred:
- Experience in one or more of the following: Joint SAP Implementation Guide, NIST 800- 53, FedRAMP, FISMA, Attribute-based Access Control schemes
Physical Requirements:
- Sedentary work that primarily involves sitting/standing/walking/talking.
- ?Moving about to accomplish tasks or moving from one work site to another.
- Communicating with others to exchange information.
- The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations
- Working with Computers.
#LI-TH1
DDISAP
For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.
If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.
