Security Engineer
MANTECH · Springfield, VA · Yesterday
On-siteInformation TechnologyFull-time
Responsibilities
- Leading the compilation, organization, and technical writing of the complete Body of Evidence (BOE) required to successfully navigate the ICD 503 Risk Management Framework (RMF) pipeline for IATT and ATO milestones.
- Utilizing automated RMF tools such as Telos XACTA to document, track, and map NIST SP 800-53 and CNSSI 1253 security controls within an IL6 cloud environment.
- Reviewing and hardening automated deployment scripts (e.g., Ansible, Terraform) to ensure hardware abstraction models and virtual environments are provisioned securely.
- Deploying and managing automated scanning tools—including ACAS (Nessus), SCAP Compliance Checker (SCC), and static code analysis tools—to identify and remediate system vulnerabilities.
- Auditing and securing containerized environments and service mesh configurations to guarantee data isolation, secure transit, and continuous monitoring compliance.
- Serving as the primary technical interface to NGA Information System Security Officers (ISSOs) and Authorizing Officials (AOs) to clear security roadblocks.
- Working with all stakeholders to ensure the Drift Management Capability securely monitors and maintains parity between the digital twin and the live NGA CORE classified production environment.
Requirements
- High School Diploma/GED with 10+ years of experience, or a Bachelor’s degree in Cybersecurity, Systems Engineering, or a related technical field with 6–10 years of progressive experience.
- 3+ years of direct experience supporting DoD or Intelligence Community (IC) RMF processes.
- Proven experience securing hybrid cloud environments and infrastructure utilizing Ansible or QEMU-KVM architectures.
- Direct experience delivering a system from initial registration through IATT/ATO approvals within an IC or DoD classified boundary.
- Strong knowledge of cybersecurity frameworks including ICD 503, NIST SP 800-53, CNSSI 1253, and DISA STIGs.
Qualifications
- Preferred: Certified Information Systems Security Professional (CISSP), CISSP-ISSEP, CISM, or CAP certification.
- Deep familiarity with NGA networks, NGA mission threads, and specific security accreditation processes.
- Self-starter with excellent people skills who can embed security compliance into rapid prototyping or iterative DevSecOps sprint cycles and drive change throughout an organization.
Clearance Requirements
- Must possess an active TS/SCI clearance and be eligible for NGA access prior to starting.
Physical Requirements
- Must be able to remain in a stationary position 50% of the time.
- Frequent communication with co-workers, management, and customers, which may involve delivering high-level technical presentations to executive stakeholders.
- Must be able to exchange accurate information in these situations.