Senior Information System Security Officer
$109,100 - $181,100/Yr
ManTech - Washington, DC
posted 26 days ago
Full-time - Senior
Remote - Washington, DC
Professional, Scientific, and Technical Services
About the position
The Senior Information System Security Officer (ISSO) at ManTech is responsible for overseeing the security configuration, practices, and procedures for information systems. This role involves continuous monitoring, vulnerability management, and ensuring compliance with security controls throughout the system lifecycle. The ISSO acts as a liaison between system owners and security personnel, ensuring that security documentation is maintained and updated, and that risks are managed effectively.
Responsibilities
- Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS.
- Provide liaison support between the system owner and other IS security personnel.
- Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle.
- Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis.
- Conduct required IS vulnerability scans according to risk assessment parameters.
- Develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities.
- Manage the risks to ISs and other FBI assets by coordinating appropriate correction or mitigation actions, and oversee and track the timely completion of (POAMs).
- Coordinate system owner concurrence for correction or mitigation actions.
- Monitor security controls for FBI ISs to maintain security Authorized to Operate (ATO).
- Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase.
- Ensure that changes to an FBI IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM).
- Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR.
- Working knowledge of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and ATO processes.
Requirements
- A minimum of 7 years serving as an Information Systems Security Officer (ISSO) at a cleared facility.
- Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 Information Assurance Management (IAM) Level III.
- Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications.
Nice-to-haves
- A bachelor's or advanced degree in Computer Science, Cybersecurity, or other cyber discipline is preferred.
Benefits
- Health Insurance
- Life Insurance
- Paid Time Off
- Holiday Pay
- Short Term and Long Term Disability
- Retirement and Savings
- Learning and Development opportunities
- Wellness programs
- Other optional benefit elections
