Information Systems Security Analyst

Company: ManTech
Location: Washington
Posted on: March 19, 2023

Job Description:

**Secure our Nation, Ignite your Future**Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International Corporation, you'll help protect our national security while working on innovative projects that offer opportunities for advancement.Currently, ManTech is seeking a motivated, career and customer-oriented Information Systems Security Analyst to join our team in the Washington DC location.**We offer 10k sign-on bonus OR 10K Relocation assistance with outstanding benefit package****Responsibilities include, but are not limited to:**+ As the ISSA, the individual will the Information Systems Security Manager to implement and manage an effective and comprehensive IA program as outlined in the Joint Special Access Program Implementation Guide, Rev 4, as amended. This assignment requires demonstrated technical expertise in all IA functional areas, and ability to integrate this expertise with practical knowledge of the mission, objectives and operations of the support program office. The work requires close/continuing collaboration with all levels of personnel within the project areas, from senior managers to working-level personnel, to foster and facilitate integration of IA principals and methods into all aspects of the Information Technology/Information management (IT/IM) operations.+ The individual ISSA shall promote/integrate IA methods/techniques into all aspects of operations and developmental work, including the upfront integration of IA controls into products under development.+ The ISSA shall support efforts to comply with governing IA policies, procedures and documentation requirements (e.g., Clinger-Cohen Act), and ensure the security/integrity of IT/IM systems. The ISSA shall conduct announced/unannounced IA reviews/inspections to ensure adherence to C&A documentation, and IA regulations, and supports activities of external auditors, including defining/implementing/documenting plans of action to address noted deficiencies.+ The ISSA shall perform continuing analysis of in-place IA plans/programs/processes to ensure they provide an optimized level of security for the program's IT assets/operations, and are responsive to the program's rapidly changing operational requirements for IT security. The ISSO shall make recommendations to program/project manager for IA program plan refinements, which must be achievable within resource constraints.+ The ISSA shall develop a Plan of Actions and Milestones (POA&M) for all systems under RMF/JSIG. On a continuing basis the contractor shall inform the Program Manager/Deputy Program manager (PM/DPM) and the IT/IM lead with milestone activity updates, including but not limited to schedule impacts, system vulnerabilities, patch management actions, and Designated Authorizing Official (DAO) directives. Notification shall include sufficient lead time to effect system changes to maintain the system Authority to Operate (A TO). The ISSA shall recommend and communicate alternative actions to any POA&M that will maintain or minimize impact to schedule.+ The ISSA shall work collaboratively with IT/IM staff in the development and implementation of security controls for program IT systems, as approved by the authorizing authority. The ISSA shall review the Audit Logs and identify all anomalies to the appropriate authorities. The ISSA may act as a Data Transfer Agent and may utilize an approved Assured File Transfer (AFT) procedure. The ISSO shall report any anomalies while processing AFT's to the PM and Security manager and will make recommendations for corrective actions when necessary. On a continuing basis, the ISSA shall collect and analyze a variety of quantitative metrics used in the management of IA functions of IT systems and collaborates with the IT/IM personnel in developing any reports on the Cyber Security posture of the IT systems. The ISSA shall provide reports to Senior Managers and the ISSMon system vulnerability status, problem resolution and root cause analysis.+ The ISSA shall perform ISSA duties as assigned in the ISSA appointment letter and as further defined in the RMF/JSIG duties and responsibilities assigned to the position. The contractor shall communicate work plans and serves as the liaison between the IA team and its customers. The contractor shall develop and maintain IA schedules, and inform customers in advance of activities that could affect their access to or the capabilities of the mission-essential resources.**Basic Qualifications**+ DoD 8570 IAT Level 2 certification required (CCNA Security, GICSP, GSEC, Sec+, CND or SSCP) or within 6 months of hire.+ 2-5 years of experience thriving in an ISSO role+ Experience creating policy / procedure documentation in support of RMF packages**Preferred Qualifications**+ Experience auditing / working in a Windows environment+ Pervious implementation of JSIG in a SAP environment+ Splunk experience+ Nessus experience**Security Clearance Requirements:**+ US Citizenship required and active TS-SCI clearance adjudicated within the last 6 years+ Candidate must be open to CI poly**Physical Requirements:**+ Must be able to remain in a stationary position up to 75% of the time+ Must be able to move about inside the office and datacenter to access IT equipment+ The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations+ Must be able to observe and detect employee deviations from established policyFor all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click careers@mantech.com and provide your name and contact information.

Keywords: ManTech, Washington DC , Information Systems Security Analyst, Professions , Washington, DC