Senior Information Security Assessor and Authorization Engineer
8 - 10 years experience • Professional, Scientific & Technical Services
Entering ManTech’s 50th year, we hold the distinct honor of being named a “Top 100 Global Technology Company” by Thomson Reuters. We have earned this and many other accolades over the years for our dedication to serving the missions of our nation’s most important customers: U.S. Intelligence, Defense and Federal Civilian agencies. All know us as a trusted partner offering best-in-class solutions in cyber, data collection & analytics, enterprise IT, and systems and software engineering tailored to meet their specific requirements.
Become an integral part of a diverse team in the Mission, Cyber and Intelligence Solutions (MCIS) Group. Currently, ManTech is seeking a motivated, mission oriented Information Security Assessor and Authorization, in the Washington, DC, with strong Customer relationships. At ManTech, you will help protect our national security while working on innovative projects that offer opportunities for advancement.
The FSS Division provides cyber solutions to a wide range of Defense and Intelligence Community customers. This division consists of a team of technical leaders that deliver advanced technical solutions to government organizations. Our customers have high standards, are technically adept, and use our products daily to support their mission of protecting national security. Our contributions to our customer’s success is driving our growth.
The Information Security Assessor will be a key team member of a security assessment team that will conduct monthly on-site IT security assessments for a federal government client.
Conducting interviews with key client stakeholders to evaluate the current information security practices
Evaluate management, operational, and technical security policies and procedures
Reviewing security policy and procedural documentation
Reviewing network architecture diagrams and evaluating network access controls
Reviewing system configuration data to identify security weaknesses
Developing recommendations for security issues and vulnerabilities identified during assessments
Communicating results to clients ranging from technical staff to executive management
Proficient in using various network/vulnerability scanning tools (e.g. Nessus, NMAP). Candidate should not only be able to run scans but also interpret scan results and make appropriate recommendations.
Provide ongoing subject matter expert support for clients
Conduct approximately 12-18 assessments each year across the United States
25% travel involved
Must possess 8 years related IT Security experience. Experience must include analyzing security controls and developing solutions to security problems
Must possess one of the following certifications: CISSP, CEH, CAP, or Security+ (If you do not hold the CISSP certification you must be willing to obtain it within 6 months of hire)
Excellent communications and oral presentation skills
Experience performing security assessments and compliance assessments with NIST, PCI DSS, ISO 27001/27002, or other security control frameworks
Experience conducting interviews with client teams ranging from technical IT staff to senior executives
Experience performing assessments of information security policies and procedures
Experience evaluating the following IT security disciplines: continuity planning, contingency planning, disaster recovery planning, incident response, personnel security, access management, security awareness training
Strong verbal and written communication skills are highly preferred. It is highly desired that candidates possess strong interpersonal skills.
Candidates must be fluent in the English language.
Candidates may be asked to provide a writing sample.
Requires Bachelor's degree or equivalent and seven to nine years of related experience.