Cyber Security Analyst - ManTech
Washington, DC
About the Job
Currently, ManTech is seeking a motivated, career and customer-oriented Cyber Security Analyst to join our team in Washington, DC.
Responsibilities include, but are not limited to:
+ Implement/manage an effective and comprehensive IA program as outlined in the Joint Special Access Program Implementation Guide, Rev 4, as amended. This assignment requires demonstrated technical expertise in all IA functional areas, and ability to integrate this expertise with practical knowledge of the mission, objectives and operations of the support program office. The work requires close/continuing collaboration with all levels of personnel within the project areas, from senior managers to working-level personnel, to foster and facilitate integration of IA principals and methods into all aspects of the Information Technology/Information management (IT/IM) operations.
+ Promote/integrate IA methods/techniques into all aspects of operations and developmental work, including the upfront integration of IA controls into products under development.
+ Support efforts to comply with governing IA policies, procedures and documentation requirements (e.g., Clinger-Cohen Act), and ensure the security/integrity of IT/IM systems. The Cyber Security Analyst shall conduct announced/unannounced IA reviews/inspections to ensure adherence to C&A documentation, and IA regulations, and supports activities of external auditors, including defining/implementing/documenting plans of action to address noted deficiencies.
+ Perform continuing analysis of in-place IA plans/programs/processes to ensure they provide an optimized level of security for the program's IT assets/operations, and are responsive to the program's rapidly changing operational requirements for IT security.
+ Develop a Plan of Actions and Milestones (POA&M) for all systems under RMF/JSIG. On a continuing basis the contractor shall inform the Program Manager/Deputy Program manager (PM/DPM) and the IT/IM lead with milestone activity updates, including but not limited to schedule impacts, system vulnerabilities, patch management actions, and Designated Authorizing Official (DAO) directives. Notification shall include sufficient lead time to effect system changes to maintain the system Authority to Operate (A TO). The Cyber Security Analyst shall recommend and communicate alternative actions to any POA&M that will maintain or minimize impact to schedule.
+ Work collaboratively with IT/IM staff in the development and implementation of security controls for program IT systems, as approved by the authorizing authority. The Cyber Security Analyst shall review the Audit Logs and identify all anomalies to the appropriate authorities. The Cyber Security Analyst may act as a Data Transfer Agent and may utilize an approved Assured File Transfer (AFT) procedure. The ISSO shall report any anomalies while processing AFT's to the PM and Security manager and will make recommendations for corrective actions when necessary. On a continuing basis, the ISSO shall collect and analyze a variety of quantitative metrics used in the management of IA functions of IT systems and collaborates with the IT/IM personnel in developing any reports on the Cyber Security posture of the IT systems. The Cyber Security Analyst shall provide reports to Senior Managers on system vulnerability status, problem resolution and root cause analysis.
Basic Qualifications:
+ DoD 8570 IAT Level 2 certification required (CCNA Security, GICSP, GSEC, Sec+, CND or SSCP)
+ 2+ years of experience thriving in a cyber security role
+ Experience creating policy and procedure documentation in support of RMF packages
+ Up to 10% travel mainly Conus
Preferred Qualifications:
+ Experience auditing / working in a Windows environment
+ Pervious implementation of JSIG in a SAP environment
+ Splunk experience
+ Nessus experience
Security Clearance Requirements:
+ US Citizenship required and active TS clearance adjudicated within the last 6 years
+ Candidate must be open to poly
Physical Requirements:
+ Must be able to remain in a stationary position up to 75% of the time
+ Must be able to move about inside the office and datacenter to access IT equipment
+ The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations.
+ Must be able to exchange accurate information in these situations
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at careers@mantech.com and provide your name and contact information.
Responsibilities include, but are not limited to:
+ Implement/manage an effective and comprehensive IA program as outlined in the Joint Special Access Program Implementation Guide, Rev 4, as amended. This assignment requires demonstrated technical expertise in all IA functional areas, and ability to integrate this expertise with practical knowledge of the mission, objectives and operations of the support program office. The work requires close/continuing collaboration with all levels of personnel within the project areas, from senior managers to working-level personnel, to foster and facilitate integration of IA principals and methods into all aspects of the Information Technology/Information management (IT/IM) operations.
+ Promote/integrate IA methods/techniques into all aspects of operations and developmental work, including the upfront integration of IA controls into products under development.
+ Support efforts to comply with governing IA policies, procedures and documentation requirements (e.g., Clinger-Cohen Act), and ensure the security/integrity of IT/IM systems. The Cyber Security Analyst shall conduct announced/unannounced IA reviews/inspections to ensure adherence to C&A documentation, and IA regulations, and supports activities of external auditors, including defining/implementing/documenting plans of action to address noted deficiencies.
+ Perform continuing analysis of in-place IA plans/programs/processes to ensure they provide an optimized level of security for the program's IT assets/operations, and are responsive to the program's rapidly changing operational requirements for IT security.
+ Develop a Plan of Actions and Milestones (POA&M) for all systems under RMF/JSIG. On a continuing basis the contractor shall inform the Program Manager/Deputy Program manager (PM/DPM) and the IT/IM lead with milestone activity updates, including but not limited to schedule impacts, system vulnerabilities, patch management actions, and Designated Authorizing Official (DAO) directives. Notification shall include sufficient lead time to effect system changes to maintain the system Authority to Operate (A TO). The Cyber Security Analyst shall recommend and communicate alternative actions to any POA&M that will maintain or minimize impact to schedule.
+ Work collaboratively with IT/IM staff in the development and implementation of security controls for program IT systems, as approved by the authorizing authority. The Cyber Security Analyst shall review the Audit Logs and identify all anomalies to the appropriate authorities. The Cyber Security Analyst may act as a Data Transfer Agent and may utilize an approved Assured File Transfer (AFT) procedure. The ISSO shall report any anomalies while processing AFT's to the PM and Security manager and will make recommendations for corrective actions when necessary. On a continuing basis, the ISSO shall collect and analyze a variety of quantitative metrics used in the management of IA functions of IT systems and collaborates with the IT/IM personnel in developing any reports on the Cyber Security posture of the IT systems. The Cyber Security Analyst shall provide reports to Senior Managers on system vulnerability status, problem resolution and root cause analysis.
Basic Qualifications:
+ DoD 8570 IAT Level 2 certification required (CCNA Security, GICSP, GSEC, Sec+, CND or SSCP)
+ 2+ years of experience thriving in a cyber security role
+ Experience creating policy and procedure documentation in support of RMF packages
+ Up to 10% travel mainly Conus
Preferred Qualifications:
+ Experience auditing / working in a Windows environment
+ Pervious implementation of JSIG in a SAP environment
+ Splunk experience
+ Nessus experience
Security Clearance Requirements:
+ US Citizenship required and active TS clearance adjudicated within the last 6 years
+ Candidate must be open to poly
Physical Requirements:
+ Must be able to remain in a stationary position up to 75% of the time
+ Must be able to move about inside the office and datacenter to access IT equipment
+ The person in this position frequently communicates with co-workers, management, and customers, which may involve delivering presentations.
+ Must be able to exchange accurate information in these situations
ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
If you are a qualified individual with a disability and require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please email us at careers@mantech.com and provide your name and contact information.
Source : ManTech