Senior Information System Security Engineer

MANTECH seeks a motivated, career and customer-oriented Senior Information System Security Engineer (ISSE) to join our team in Washington, D.C., Chantilly, VA or Quantico, VA.

Responsibilities include, but are not limited to:

• Define and implement cybersecurity requirements, architectures, and secure system designs across information systems and network environments
• Design, develop, and integrate security solutions, including Cross Domain Solutions (CDS), to support secure data flow and system interoperability
• Implement network security controls and countermeasures to ensure confidentiality, integrity, availability, authentication, and non-repudiation
• Identify, assess, and mitigate system and network vulnerabilities, recommending enhancements to strengthen overall security posture
• Maintain and track vulnerability data, POA&Ms, and remediation activities using GRC and enterprise tracking tools
• Lead stakeholder engagement through office hours, guidance, and updated procedures to support vulnerability management and compliance efforts
• Provide rapid response to data calls, RFIs, and leadership inquiries, including escalation and reporting of high-risk or non-compliant remediation actions

Minimum Qualifications:

• Must meet one of the following levels of experience: A high school diploma/GED and 14 years’ experience, an Associate’s degree and 10 years’ experience, a Bachelors degree and 8 years’ experience, or a Master’s and 6 years’ experience.
• Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP) (or Associate), CompTIA Advanced Security Practitioner (CASP) CE, Certified Secure Software Lifecycle Professional (CSSLP), CISSP- Information System Security Engineering Professional (ISSEP), Certified Information Security Manager (CISM), or CISSP- Information System Security Architecture Professional (ISSAP).
• Familiarity with the use and operation of security tools including: Tenable Nessus and/or Security Center, IBM Guardium, HP WeblInspect, Network Mapper (NMAP), and/or similar applications.
• Working knowledge of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and ATO processes.
• Experience with vulnerability management programs, including identification, tracking, and remediation of CVEs and Known Exploited Vulnerabilities (KEVs).
• Knowledge of federal cybersecurity directives and frameworks, including CISA Emergency Directives (EDs), Binding Operational Directives (BODs), and DOJ Vulnerability Patch Requirements (VPRs).
• Experience with Risk Management Framework (RMF), POA&M tracking, and governance, risk, and compliance (GRC) tools.

Preferred Qualifications

• Degree in Computer Science, Cybersecurity, or other cyber discipline.
• Ability to operate in high-tempo environments with rapid response requirements and strict deadlines.
• Strong organizational and process improvement skills to support reporting, tracking, and compliance initiatives.

Clearance Requirements:

• Must have a current/active Top Secret security clearance and be willing and able to obtain SCI eligibility prior to start.
• Selected candidate must be willing to undergo a Polygraph.

Physical Requirements:

• Must be able to remain in a stationary position 50%
• Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
• Often positions self to maintain computers in the lab, including under the desks and in the server closet
• Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations

Skills

Authentication, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Calculators, CompTIA - Computing Technology Industry Association, Computer Maintenance, Computer Science, Computer Security, Copying Machines, Cross-Domain Solutions (CDS), Customer Relations, HP WebInspect, High School Diploma, IBM Product Family, ISSAP - Information Systems Security Architecture Professional, ISSEP - Information Systems Security Engineering Professional, Information Systems Security Engineering (ISSE), Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Interoperability, Leadership, Maintain Compliance, NMap, Nessus, Network Security, Office Equipment, Operations Security (OPSEC), Organizational Skills, People Management, Presentation/Verbal Skills, Printers, Process Improvement, Risk, Risk Management Framework (RMF), Security Clearance, Software Development Lifecycle (SDLC), Software Patches, Systems Analysis, Time Management, Top Secret Clearance, U.S. National Institute of Standards and Technology (NIST), United States Department of Justice (DOJ)

About the Company:

MANTECH