Security Controls Assessor - Herndon, VA, United States - ManTech International

    ManTech International
    ManTech International Herndon, VA, United States

    2 weeks ago

    Default job background
    Technology / Internet
    Description
    Secure our Nation, Ignite your

    Future Summary:
    Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first
    At ManTech, you'll help protect our national security while working on innovative projects that offer opportunities for advancement
    Currently, ManTech is seeking a motivated, career and customer-oriented Security Controls Assessor (SCA) III to join our team in Herndon, VA

    Description:

    • The SCA III assesses management, operational, and technical security controls within an information system (IS) to determine effectiveness
    They rate the severity of weaknesses or deficiencies in the IS and recommend corrective actions to address identified vulnerabilities
    Responsibilities cover Collateral, Sensitive Compartmented Information (SCI), and Special Access Program (SAP) activities
    They oversee the development, implementation, and evaluation of IS security program policy with special emphasis on integration of SAP network infrastructure
    They assess Risk Management Framework (RMF) methodology in accordance with the Joint SAP Implementation Guide (JSIG)
    The SCA III advises the Information System Owner (ISO), Information Data Owner (IDO), Program Security Officer (PSO), and the Delegated and/or Authorizing Official (DAO/AO) on issues, evaluating authorization packages, making recommendations to the AO and/or DAO for authorization, and submitting the security package
    They ensure security assessments are completed and results documented, prepare the Security Assessment Report (SAR) for the Authorization Boundary, and assess proposed changes to Authorization Boundaries' operating environments and mission needs
    They create a Plan of Action and Milestones (POA&M) with identified weaknesses for Authorization Boundaries assessed based on findings and recommendations from the SAR, evaluate security assessment documentation, and provide written recommendations for security authorization to the Government
    They review sanitization and clearing procedures in accordance with Government guidance and policy, assist with Government compliance inspections and cybersecurity incidents, and ensure proper corrective measures
    They ensure organizations address and conduct all phases of System Development Life Cycle (SDLC), evaluate hardware and software to determine potential security impact on Authorization Boundaries, and evaluate effectiveness and implementation of Continuous Monitoring Plans
    The SCA III reports directly to the Lead Cybersecurity SME
    The SCA III is an expert on the regulatory side regarding cybersecurity protection measures for Information Systems
    The SCA III supervises and mentors subordinate project and Team ManTech staff

    Basic Qualifications:

    • A minimum of five (5) years of position-specific related experience.
    • 6 years of experience in SAP, SCI, or Collateral Information Systems (IS) Security and the implementation of regulations identified in the description of duties, or as an Information System Security Officer (ISSO) and (Information System Security Manager (ISSM) or SCA.
    • Bachelor's degree with 9 years of experience
    (Can be substituted for a HS diploma with 13 years of experience or an Associates degree with 11 years of experience.)

    • Certification in DoD Directive M for Information Assurance Technician (IAT) Level III or Information Assurance Manager (IAM) Level III.
    • Current Top Secret Clearance with SCI Eligibility and eligibility for access to Special Access Program Information
    Will submit to a Counterintelligence polygraph.

    • Experience in DoD, national and applicable service and agency security policy, manuals, and standards

    Preferred Qualifications:

    • DoD m IASAE Level III certification (ISC2 CISSP-ISSAP, CISSP-ISSEP or CISSP-ISSMP).
    • Master's degree in Cybersecurity, Computer Engineering, Computer Science, or other closely related IT discipline.
    • Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), Global Information Assurance Certification (GCIA), GIAC Penetration Tester Certification (GPEN).
    • Experience with ServiceNow, Microsoft TechCenter, or JIRA Ticketing Systems

    Clearance Requirements:

    • The ability to obtain and maintain a TS/SCI Eligible Clearance is required prior to starting this position.
    • Must be a US Citizen

    Physical Requirements:

    • The person in this position must be able to remain in a stationary position 50% of the time
    Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers, via email, phone, and or virtual communication, which may involve delivering presentations

    For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license.

    The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law
    ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone
    ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer
    We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law
    If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTechs Corporate EEO Department at
    ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply
    ManTechs utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies
    ManTech does not accept resumes from unsolicited recruiting firms
    We pay no fees for unsolicited services
    If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access as a result of your disability
    To request an accommodation please click and provide your name and contact information.