Principal Information System Security Officer (ISSO) page is loaded **Principal Information System Security Officer (ISSO)**

**Principal Information System Security Officer (ISSO)**

locationsUSA-DC-Washington time typeFull time posted onPosted Yesterday job requisition idR24348 *****All ManTech employees will need to meet the requirements set forth in Executive Order 14042 and the Safer Federal Workforce Task Force Guidance requiring all covered contractor personnel to be fully vaccinated against COVID-19.*****

**Secure our Nation, Ignite your Future**

Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first. At ManTech International Corporation, youll help protect our national security while working on innovative projects that offer opportunities for advancement. Currently, ManTech is seeking a motivated, career and customer-oriented Principal Information System Security Officer (ISSO) in Washington, DC.

**Responsibilities include, but are not limited to:**

Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures

Ensure all users have the requisite security clearance, authorization, need-to-know, and are aware of their security responsibilities before being granted access to the system, and periodically thereafter

Create and maintain existing information system security documentation, including SSP, SCTM, and Risk Management Framework (RMF) Body of Evidence

Write implementation and design documents describing how security features are implemented

Prepare system documentation for assessment in accordance with RMF and NIST Special Publications (800-37, 800-53 and others); identify deficiencies and provide recommendations for solutions; track findings with Plan of Action and Milestones (POA&M) through mitigation and/or risk acceptance

Create security policies and maintain existing information system security documentation

Conduct periodic and continuous monitoring of the system to ensure compliance with the authorization package

Work with the Cyber Security team to perform basic system administration and maintain various Cyber Security tools, including audit collection and reporting systems, vulnerability management programs, and other continuous monitoring capabilities

Participate in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes

Conduct daily, weekly, and monthly audit review and management of the audit collection system for assigned systems, boundaries, and components

Continuously review and evaluate best practices for implementing a comprehensive audit program

Implement vulnerability management programs, including tracking and addressing IAVAs and security patches, accessing applicability to existing systems, and ensuring closure

Implement media control and data transfer policies

Provide direction and guidance to less experienced Cyber Security personnel

Remain sensitive to security infractions and assist in security investigations and responses as requested

Work on project teams responsible for engineering and packaging releases to integrate within the customer's production IT environment

Monitor system recovery processes to ensure security features and functions are properly restored and functioning correctly following an outage

Communicate well, both orally and in writing with both government and industry audiences

**Basic Qualifications:**

Graduated with an Associates degree (preferably in telecommunications, computer science, information systems management, electrical engineering, computer engineering or similar field of study) and 9+ years experience with information networks and related security concerns; or a Bachelors degree with 7+ years experience

Strong background and extensive experience with RMF, ICD 503, NIST SP800-53, JSIG or DJSIG; knowledge of current authorization practices, particularly within the DoD. Extensive background with DITSCAP/DIACAP may be substituted in some cases.

Some experience with security efforts related to modern Windows, Cloud computing, Linux, UNIX, Cisco, SQL or Oracle databases, and virtual computing. This might also include some system administration work with an emphasis on security control implementation.

Experience implementing and using various Cyber Security tools including vulnerability assessment, patch management, audit collection, audit review, audit management, and end point protection

DoD 8570.1 / DoD 8140.01 certification (IAT Level II or III, IAM level I, II or III, IASAE Level I, II, or III). Security+ or equivalent required at a minimum; CAP, CASP, CISSP, or CISM desired

Compliance with US Governments COVID vaccination mandate required.

ITIL v3.0 or Foundation Certifications desired

**Security Clearance Requirements:** Active Top Secret / SCI eligibility highly desired.

**Physical Requirements:**

* Must be able to remain in a stationary position 50%.

* Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.

* Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.

* Often positions self to maintain computers in the lab, including under the desks and in the server closet.

* Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

* May be asked to move Audio/Visual or Computer equipment.

For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) ###-####. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access as a result of your disability. To request an accommodation please click ...@mantech.com and provide your name and contact information.

0:00 / 0:33