Secure our Nation, Ignite your Future

　　Currently, ManTech is seeking a motivated, career and customer-oriented Security Control Assessor on-site in the Springfield, VA area. This position is supporting delivery of Enterprise IT services as a part of a 150+ person team supporting critical DoD missions. Your career will have meaning and make a difference protecting America!

　　Responsibilities:

　　The Security Control Assessor (SCA) will conduct and document a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by an information system. Determine the overall control effectiveness through documentation review, inspections, testing, and interviews. Provide an assessment of the severity of weakness or deficiencies and recommend corrective actions to address identified vulnerabilities. Provide initial mitigation of Cybersecurity incidents, support incident investigations, and closure of the incidents. Provide assessment of proposed technology (hardware, software, and firmware) for Cybersecurity vulnerabilities.

　　Assessment of security controls and organizational requirements shall include:

　　Assessment Package Feedback which focuses on the documentation submitted to support the various steps of Risk Management Framework (RMF). Recommend a format for this document for government approval.

　　Security Assessment Report which focuses on the assessment of an information system in support of the authorization determination. Shall provide a draft report using the government provided template; may recommend format changes for government consideration.

　　Periodic Cybersecurity Assessment Report or Security Compliance Report which focuses on the assessment of a Cybersecurity program at a location. Shall provide a draft report using the government provided template; may recommend format changes for government consideration.

　　Cybersecurity Incident Reports which focus on documenting Cybersecurity incidents. Shall provide a draft report using the government provided template; may recommend format changes for government consideration.

　　Technical Assessment of Hardware, Software, or Firmware. Shall document the technical assessment addressing Cybersecurity vulnerabilities via a government agreed format, such as a Help Desk ticket application, electronic mail, memorandum, etc.

　　Shall develop an annual compilation of findings and observations based upon the Security Assessment Reports and Periodic Cybersecurity Assessment Reports or Security Compliance Reports based upon fiscal year assessments. The format shall be recommended for government approval. The compilation shall be void of system names, system identification numbers, government or contractor locations, and individual names.

　　Draft and/or preliminary documents shall be presented in one of the following electronic formats: Microsoft Office version 2007 compatible (.docx, .xlsx, or .pptx) or the standard Portable Document Format (PDF) format. Final and/or approved format shall be determined by the government; may recommend additional formats.

　　Basic Qualifications:

　　Shall have at least 7 years overall experience and 4 or more years of experience in the validation of security configuration of operating systems.

　　Shall have 2 or more years of experience applying Risk Management Framework (RMF) as described in the National Institute of Standards and Technology Special Publications.

　　Shall meet the Cyber IT/Cybersecurity Workforce (CSWF) Security Control Assessor. (612); Intermediate Level for SECNAV M-5239.2 compliance. (See Navy Cool WebSite).

　　Desired Qualifications:

　　Strongly desired experience with application of the Defense Information Systems Agency (DISA) Security Technical Implementation Guides.

　　Operating System/Computing Environment certificate for Windows Server 2012 or newer UNIX (Linux (Red Hat), Solaris).

　　Experience with vulnerability scanners.

　　Experience with Cloud technologies.

　　Documented (certificate) RMF training provided by the Intelligence Community or DoD SAP community.

　　Experience with assessing security relevant applications.

　　Experience as a System Administrator, Information System Security Manager, or Information System Security Officer.

　　Experience applying the requirements of the DoD Joint Special Access Program Implementation Guide (JSIG) to information systems or Cybersecurity programs.

　　A cyber credential at the Master proficiency level for specialty area Securely Provision - Risk Management as outlined in SECNAV M-5239.2.

　　Experience with Cross Domain Solutions (CDS).

　　Education/Certification:

　　A Bachelor’s Degree OR

　　Security+CE OR

　　Certified Authorization Professional (CAP) OR

　　Cisco Certified Network Associate (CCNA) Routing & Switching

　　Travel:

　　Travel requirements are approximately 30% annually to support critical business needs. Travel location are CONUS and some OCONUS locations.

　　Security Clearance Requirements:

　　This position requires U.S. citizenship and an active DoD TS/SCI clearance with the ability to obtain and maintain a Counterintelligence (CI) Polygraph.

　　Physical Requirements:

　　Position self to move.

　　Stationary 50% or more of the time.

　　Occasionally move around the office.

　　Must be able to communicate.

　　Must be able to detect computer screen and other work-related material.

　　For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

　　ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

　　If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

　　If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access http://www.mantech.com/careers/Pages/careers.aspx as a result of your disability. To request an accommodation please click [email protected] and provide your name and contact information.