ManTech seeks a motivated, career and customer-oriented Cyber Security Expert to join our team Washington, DC.
Responsibilities include but are not limited to:
Conduct comprehensive risk assessments to identify vulnerabilities, threats, and protection needs for information systems and network environments, and help create strategies for mitigating those risks considering relevant standards and regulations
Design, develop and oversee implementation of secure network architectures and systems, ensuring that security controls are integrated into the design from the ground up. Design and develop products with integrated cybersecurity features, ensuring they adhere to cloud and security best practices. Develop security requirements in alignment with applicable cybersecurity frameworks such as NIST 800-53 and the DoD Risk Management Framework (RMF).
Create layered security architectures that include network segmentation, firewalls, IDS/IPS, and secure communication protocols to protect information systems and network environments.
Design, develop, and implement network security measures that ensure confidentiality, integrity, availability, authentication, and non-repudiation. Apply security designs to new and existing network systems, ensuring hardware, operating systems, and software applications meet cybersecurity requirements.; provide cybersecurity expertise for AWS or Oracle Cloud Infrastructure programs, ensuring compliance with NIST 800-53, NIST RMF, and supporting the Authorization to Operate (ATO) process.
Develop strategies for monitoring and event logging in cloud environments, recommending best practices for information security and assurance. Lead or support response efforts to cyberattacks or security breaches if necessary. Develop and implement specific cybersecurity countermeasures to mitigate identified threats and vulnerabilities within the information systems and network environments.
Collaborate with government teams to understand cybersecurity requirements for the RMF framework and ATO process, supporting the development of security documents and artifacts.
Build and maintain trusted relationships with customers, and interface with external entities including law enforcement, intelligence/government agencies, and other contractors/vendors, serve as an advisor to the senior leadership on matters related to cybersecurity; may lead teams, projects, programs, and/or mentor lower-level engineers.
Minimum Qualifications:
Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP WebInspect, Network Mapper (NMAP), and/or similar applications.
Hold at least one of the following certifications required to meet the category/level ISSE-2 (DOD 8570) requirement for this position: Certified Information Systems Security Professional (CISSP) (or Associate), CompTIA Advanced Security Practitioner (CASP) CASP CE, Certified Secure Software Lifecycle Professional (CSSLP), CISSP- Information System Security Engineering Professional (ISSEP), or CISSP- Information System Security Architecture Professional (ISSAP).
Bachelor's degree or equivalent, and 16+ years’ experience in a related technical environment; Master’s degree or equivalent, and 13+ years’ experience in a related technical environment, including 5 years related management experience.
Preferred Qualifications:
Experience with the Federal Risk and Authorization Management Program (FedRAMP).
Knowledge of advanced forensic tools and techniques for attack reconstruction.
Knowledge in Network Security – Firewall, Intrusion detection/prevention systems (IDS/IPS) and other network defense mechanisms.
Experience in designing and building complex systems from ground up.
Familiarity with Cloud platforms (AWS, Azure, Google Cloud) and securing cloud environment.
Knowledge Risk Management and Governance using NIST guideline.
Clearance Requirements:
Physical Requirements:
Must be able to remain in a stationary position 50%.
Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.