Senior Information Security Analyst

MANTECH seeks a motivated, career and customer-oriented Senior Information Security Analyst join our team in Doral, FL.
Responsibilities include but are not limited to:

• Senior Information Security Analyst is responsible for conducting comprehensive security assessments, including Federal Information Security Management Act (FISMA) reviews, to identify vulnerabilities and ensure compliance with relevant security standards and regulations
• Lead and conduct comprehensive security assessments of information systems, applications, and infrastructure, including FISMA reviews
• Evaluate the effectiveness of security controls and identify vulnerabilities, analyze security risks, and provide recommendations for mitigation
• Develop and maintain security assessment methodologies and tools, and ensure compliance with FISMA requirements and guidelines; develop and maintain FISMA documentation, including System Security Plans (SSP), risk assessments, and Continuous Monitoring Plans
• Prioritize vulnerabilities based on risk and impact, and develop and implement remediation plans; track and report on vulnerability remediation progress; review and evaluate security architecture designs
• Provide security guidance and recommendations to Architects and Engineers

Minimum Qualifications:

• BA/BS in field necessary to assume Senior Information Security Analyst duties or 4 additional years of experience in lieu of a degree
• 9 years of experience with 5 years of relevant Senior Information Security Analyst experience
• Strong understanding of security frameworks, standards, and regulations, such as NIST, ISO 27001, and FISMA.
• Experience conducting vulnerability assessments and penetration testing.
• Knowledge of security technologies, such as firewalls, intrusion detection/prevention systems and security information and event management (SIEM) tools.
• Must hold at least one (1) of the following certifications: CompTIA Security, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or any DoD 8570.01-M IAM Level II compliant certification.

Preferred Qualifications:

• Master’s degree in Computer Science, Computer Engineering, Information Systems, or a closely related field.
• Experience in current authorization practices, particularly within the DoD.
• Experience with cloud security assessments. Knowledge of scripting or programming languages.
• Experience and/or certifications associated with RMF, ICD 503, NIST SP800-53 or DCID 6/3. Windows, Linux, UNIX, Cisco, SQL or Oracle databases, and virtualized systems certification. Red Hat Enterprise License (RHEL) Linux 7, Tenable, and one or more SIEM certifications.
• Relevant certifications, such as CISSP, CISM, CISA, or CAP. Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), Certified Cloud Security Professional (CCSP), AWS Certified Security Specialty, Azure Security Engineer Associate, Certified in Risk and Information Systems Control (CRISC), ISO 27001 Lead Auditor.
• Experience at a DoD Combatant Command (e.g., SOUTHCOM, NORTHCOM, CENTCOM, CYBERCOM, INDOPACOM, EUCOM, AFRICOM, STRATCOM, TRANSCOM, SOCOM, SPACECOM) or a component is desired.

Clearance Requirements:

• Must have an active Top Secret clearance with SCI Eligibility

Physical Requirements:

• Must be able to remain in a stationary position 50%
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer
• The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.