Information System Security Officer (ISSO)
at Mantech
Quantico, VA 22134, USA -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 16 Feb, 2025 | Not Specified | 19 Nov, 2024 | 4 year(s) or above | Accreditation,Connect,Icd,Ato | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
ManTech is seeking an Information System Security Officers in support of a government contract for wargaming in Quantico, Va.
MINIMUM QUALIFICATIONS:
- Bachelor’s degree and at least 4 years’ experience. A total of 8 years’ experience without a degree
- Shall meet DOD 8570 requirements for IAT II
- Must be capable of independently completing all required system accreditation paperwork to obtain an Authority to Operate (ATO),
- Authority to Connect (ATC) or Interim Authority to Test (IATT)
- Must be familiar with the Risk Management Framework (RFM) process
- Responsible for ensuring the appropriate operational IA posture is maintained for a system or enclave
- Support and assist in the development of system security packages based on current doctrine
PREFERRED QUALIFICATIONS:
- Knowledge of information security systems and applications for DoD projects
- Knowledge of DoD 8510.01
- Intelligence Community Directive (ICD) 503
- Intelligence Community Information Technology Systems Security Risk Management
- Certification and Accreditation
- DoD Intelligence Information System (DoDIIS)-Joint Security Implementation Guide (DJSIG)
- Other Emerging IA policies
- Familiarity with Marine Corps Certification and Accreditation Support Tool (MCCAST)
Clearance Requirements:
- Current DOD Secret clearance, with ability to acquire TS/SCI
PHYSICAL REQUIREMENTS:
- Must be able to remain in a stationary position 50%
Responsibilities:
- Provides required oversight, guidance and support for ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, Network/Hardware/Software certification and accreditation, IA Policies and procedures, and network IA/Security tools.
- Stay current with latest DoD, Navy, and Marine Corps IA doctrine
- Prepare documentation such as Risk Assessment Report (RAR), System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of
- Action and Milestones (POA&Ms) to ensure compliance with government security policies and procedures
- Assess the performance of IA security controls within the IT infrastructure
- Identify IA vulnerabilities resulting from a departure from approved procedures and plans and take appropriate corrective, mitigation, and recovery actions
- Oversee that applicable patches are implemented, including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), technical advisories (TA), and OPDIRs
- Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements
- Perform system audits to assess security related factors within the IT infrastructure
- Review response actions to security incidents
- Maintain a repository for all system accreditation/certification documentation
- Maintain a repository for all personnel required certifications
- Should include the ability to identify and analyze security requirements to recommend upgrades, patches, new applications, necessary equipment, and technical support and guidance to users
- Develops and drafts policies and procedures:
- To ensure systems reliability and accessibility
- Prevention and defense against unauthorized access to networks, systems and data
- Creating and developing all required documentation for network, hardware and software certification and accreditation packages
- Performing risk and vulnerability assessments of planned and installed systems
- Conducting security evaluations, audits, and reviews
- Developing contingency plans and disaster recovery procedures
- Participating in network and systems design to ensure implementation of appropriate security policies and practices
- Assisting in the gathering, analysis, and preservation of evidence related to security violations
- Developing and implementing information security training programs to ensuring users understand and adhere to security policies and procedures
- Assists with analysis of Customer/End User requirements for information technology networks, hardware and software applications. Then create the certification and accreditation package for the appropriate Authorizing Official.
- Requires a strong working knowledge of Information Assurance (IA) security controls, security technical implementation guides (STIGS) requirements as identified by and applied in the DoD Risk Management Framework Certification and Accreditation (C&A) process.
- Develops Network Security and Information Assurance documentation for all stages and aspects of the Hardware and Software development life cycles, including policies, processes, and procedures.
- Under the guidance of the Organizational ISSM, organizes, coordinates, and facilitates C&A projects, Certification Requirement Reviews (CRR), participates in Technical Exchange Meetings (TEMs) and C&A working groups.
- Assists Subject Matter Experts (SME) in developing validation test plans for adherence to RMF IA requirements and documenting test results.
- Ability to work with various levels of technical and management staff.
- Other duties as required
REQUIREMENT SUMMARY
Min:4.0Max:8.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Other
Graduate
Proficient
1
Quantico, VA 22134, USA