Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Principal Information System Security Officer (Isso)

Expired Job

Mantech Norfolk , VA 23501

Posted 3 months ago

Entering ManTech s 50th year, we hold the distinct honor of being named a Top 100 Global Technology Company by Thomson Reuters. We have earned this and many other accolades over the years for our dedication to serving the missions of our nation s most important customers: U.S. Intelligence, Defense and Federal Civilian agencies. All know us as a trusted partner offering best-in-class solutions in cyber, data collection & analytics, enterprise IT, and systems and software engineering tailored to meet their specific requirements.

Become an integral part of a diverse team that leads the world in Mission, Cyber, and Intelligence Solutions. At ManTech International Corporation, you will help protect our national security while working on innovative projects that offer opportunities for advancement.

The IMS Division provides cyber solutions to a wide range of Defense and Intelligence Community customers. This division consists of a team of technical leaders that deliver advanced technical solutions to government organizations. Our customers have high standards, are technically adept, and use our products daily to support their mission of protecting national security. Our contributions to our customer s success is driving our growth.

Currently ManTech is seeking for a talented, motivated ISSO who will ensure that the appropriate operational security posture is maintained for assigned information systems and as such, works in close collaboration with the Information System Security Manager (ISSM), the Chief Information Security Officer (CISO) staff, and the Information System Owner (ISO). You will ensure that cyber security requirements are effectively integrated into information systems' operations, management, and documentation. As a Principal Information System Security Officer, you will provide critical systems, application and infrastructure support to our Department of Defense customer. You have the opportunity to work with a team across multiple technical areas to include operations, engineering, security, and systems development. This is a great opportunity for technical and professional growth.

Responsibilities include but are not limited to:

  • Responsible for elements of physical and environmental protection, personnel security, incident handling, and security training and awareness

  • Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures

  • Ensure all users have the requisite security clearance, authorization, need-to-know, and are aware of their security responsibilities before being granted access to the system, and periodically thereafter

  • Create and maintain existing information system security documentation, including SSP, SCTM, and Security Configuration Guide

  • Write implementation and design documents describing how security features are implemented

  • Prepare system documentation for assessment in accordance with the Risk Management Framework (RMF) and NIST Special Publications (800-37, 800-53 and others); identify deficiencies and provide recommendations for solutions; track findings with Plan of Action and Milestones (POA&M) through mitigation and/or risk acceptance

  • Create security policies and maintain existing information system security documentation

  • Conduct periodic and continuous reviews of the system to ensure compliance with the authorization package

  • Work with the IA team to perform basic system administration and maintain various IA tools, including audit collection and reporting systems, vulnerability management programs, and other continuous monitoring capabilities

  • Participate in the change management process, including reviewing Change Requests and assisting in the assessment of security impact of proposed changes

  • Conduct daily, weekly and monthly audit review and management of the audit collection system

  • Continuously review and evaluate best practices for implementing a comprehensive audit program

  • Implement vulnerability management programs, including tracking and addressing IAVAs and security patches, accessing applicability to existing systems, and ensuring closure

  • Implement media control and data transfer policies

  • Provide direction and guidance to less experienced IA personnel

  • Remain sensitive to security infractions and assist in security investigations and responses as requested

  • Work on project teams responsible for engineering and packaging releases to integrate within the customer's production IT environment

  • Monitor system recovery processes to ensure security features and functions are properly restored and functioning correctly following an outage

  • Work in close coordination with the ISSM, you will play an active role in monitoring assigned systems and their environment of operation to include developing and maintaining the System Security Plan (SSP) and Security Controls Traceability Matrix (SCTM), managing and controlling changes to the system, and assessing the security impact of those changes.

Positions Requirements:

  • Bachelor's degree (preferably in telecommunications, computer science, information systems management, electrical engineering, computer engineering or similar field of study) and seven to nine years experience with information networks and related security concerns; or a Master's degree with three to five years experience

  • Strong background and extensive experience with RMF, ICD 503, NIST SP800-53 or DCID 6/3; knowledge of current authorization practices, particularly within the DoD. Extensive background with DITSCAP/DIACAP may be substituted in some cases.

  • Some experience with security efforts related to modern Windows, Linux, UNIX, Cisco, SQL or Oracle databases, and virtual computing. This might also include some system administration work with an emphasis on security control implementation.

  • Experience implementing and using various IA tools including vulnerability assessment, patch management, audit collection, audit review, audit management, and end point protection

  • Analytical skills and be capable of quantifying risk to enterprise systems and level of compliance with security policy

  • DoD 8570.1 / DoD 8140.01 certification (IAT Level II or III, IAM level I, II or III, IASAE Level I, II, or III). Security+CE or equivalent required at a minimum; CAP, CASP, CISSP, or CISM desired

  • ITIL v3.0 or Foundation Certifications desired

  • Communicate well, both orally and in writing

Security Requirements:

US Citizenship and active TS clearance with SCI eligibility


Requires Bachelor's degree or equivalent and seven to nine years of directly related experience.


Equivalent Experience/Education, Bachelor's Degree

Years of Experience

13-15 years w/High School Diploma, 07-09 years w/Bachelors Degree

Position Type





ManTech International Corporation is comprised of approximately 7,300 talented employees who use advanced technology to help government and industry meet some of their greatest challenges around the world. We adhere to the simple, no-nonsense values on which ManTech was founded more than four decades ago, aligning squarely with the mission objectives of our customers. As our customer base continues to expand and diversify, we continue to diversify our workforce and solutions. Nearly half our employees have a military background, and approximately 70 percent hold a government security clearance. As a leading provider of innovative technology services and solutions for the nation's defense, security, health, space, and intelligence communities; we hold nearly 1,100 active contracts with more than 50 different government agencies.

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Waretime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law. If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at . ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accomodation if you are unable or limited in your ability to use or access as a result of your disability. To request an accomodation please click and provide your name and contact information.

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Assistant Information Security Officer For Risk & Compliance

State Of Virginia

Posted Yesterday

VIEW JOBS 11/20/2018 12:00:00 AM 2019-02-18T00:00 To provide Compliance/Audit, Risk Management, Controls mapping and operational information security support, and to support the ODU IT Security Program to advance in principle, policy and practice. To provide awareness and training to ITS and departmental stakeholders who have responsibilities for systems and applications. Minimum Qualifications Working knowledge of information technology data center and cloud environments. Strong analytical, organizational, and problem solving skills. Proven written and oral communications skills. Familiarity with analysis of assets, vulnerabilities, threats, and corresponding controls as part of the risk analysis process. Familiarity with IT security and privacy frameworks, standards and regulations, including ISO27001, NIST, HIPAA\HITRUST, PCI-DSS, GLBA, DMCA, and export control laws. Demonstrated skill and ability to utilize personal computers and related software. Demonstrated effective communication skills. Demonstrated ability to interact with technical staff, computer vendors and University community. Understanding of policy and procedure, and the ability to implement that understanding across a wide range of information security and compliance support scenarios. Preferred Qualifications Familiarity with IT Continuity of Operations and Disaster Recovery planning. Demonstrated project management skills. Some experience with IT risk assessment and risk management processes such as OCTAVE, Binary Risk Management, or NIST Special Publication 800-30, Risk Management Guide for Information Technology Systems. Familiarity with security analysis tasks such as network security monitoring, incident investigation and handling, vulnerability scanning, penetration testing, and forensics. Familiarity with Intrusion Detection techniques and packet analysis. Familiarity with scripting and programming languages such as C, C++, Python, and others. Bachelor's degree in related field, or equivalent combination of education and experience. Security or Assurance certification such as CISSP, CRISC, CGEIT, CCSK. Project Management (PMP) and\or Service Management (ITIL) certification(s). Some experience working in a University information security, compliance or audit office. Special Requirements 40 hour work week Monday-Friday; Some evenings and weekends. This position is designated as sensitive. A fingerprint-based criminal history check will be required of the final candidate. State Of Virginia Norfolk VA

Principal Information System Security Officer (Isso)

Expired Job