ManTech is seeking an Information Systems Security Engineer (ISSE) in Herndon, VA. Join ManTech and help protect our country against our cyber adversaries while working on innovative projects that offer opportunities for advancement. We encourage our team members to share and grow their skills and expertise while creating robust and cutting-edge solutions.
Responsibilities include, but are not limited to:
- Review and assess Risk Management Framework (RMF) authorization body of evidence for classified information systems, to include System Security Plan (SSP), Security Control Traceability Matrix (SCTM), Continuous Monitoring Plan, Incident Response Plan, Access Control Plan, and Security Assessment Plan
- Review new and existing systems for technical compliance with IA directives and protection of data at all classification levels including SCI
- Advise on in-depth security design review and threat/risk assessments
- Provide inputs to technical artifacts, including Plans of Action and Milestones (POA&Ms), Security Control Traceability Matrices (SCTM), and Risk Assessment Reports (RARs)
- Conduct site visits (as required) and assessments to inspect IA plans and security control implementations and support Incident Response Team (IRT) activities
Minimum Qualifications:
- 3+ years of implementing NIST 800-53, Rev 4 and the Risk Management Framework (RMF)
- 3+ years of using information security and assurance practices and principles for the customer
- 3+ years of experience with Windows and Linux environments
- 3+ years of experience with virtualization or cloud environments
- Experience with information security tool such as MS Active Directory, Splunk, ACAS/Nessus, McAfee and AWS Security
- DoD 8570 IAT Level II certification or higher
Preferred Qualifications:
- Knowledge of enterprise cyber defense technologies such as SIEM systems,SysMon, network and host based IDS and IPS, network and host-based malware detection and prevention, Endpoint Detection & Response (EDR) and Network Detection & Response (NDR), Network and Host malware detection and prevention (EDR/NDR) tools, forensics tools and applications, Web/Email gateway security technologies, Security Orchestration, Automation and Response (SOAR) and cloud based platforms such as Azure, AWS, or Google.
Clearance Requirements:
- Active/Current TS/SCI with polygraph