Cybersecurity Specialist

General information

Requisition # R60049 Locations USA-Remote Work Posting Date 04/28/2025 Security Clearance Required Public Trust/Suitability Remote Type Fully Remote Time Type Full time

Description & Requirements

Transform the future of federal services with ManTech! Join a vibrant, energetic team committed to enhancing national security and public services through innovative tech. Since 1968, we’ve partnered with Federal Civilian sectors to deliver impactful solutions. Engage in exciting projects in Digital Transformation, Cybersecurity, IT, Data Analytics and more. Ignite your career and drive change. Your journey starts now—innovate and excel with ManTech!

ManTech seeks a motivated, career and customer-oriented Cybersecurity Specialist to join our team. This is currently a remote position, subject to change at the customers discretion.

Responsibilities include but are not limited to:

• Serve as a Subject Matter Specialist on projects related to Cybersecurity or in the area of enterprise risk management

• Assist in refining and implementing the processes and methodologies to assess internal and external/third-party systems and provide an accurate accounting and tracking for shortcomings and weaknesses. The weaknesses shall be tracked, monitored, and reported in Plans of Action and Milestones (POA&Ms). Findings discovered through risk assessments, Security Controls Assessments (SCA) and continuous monitoring activities shall be collected, analyzed, and used to provide continuous reporting and support informed, risk-based decision making.

• Prepare and maintain a current POA&M that identifies enterprise and system level weaknesses, vulnerabilities, and proposed mitigation activities, estimated costs to implement the recommendations, mitigation schedules based on the availability of resources required, points-of-contact that are responsible for mitigation activities, and status of the mitigation/remediation activities. The mitigation actions shall address system vulnerabilities identified in Security Assessment Reports (SAR) and SAR Executive Summary (SAR ES) Reports.

• Additional tasks may include Initiating POA&M process for review and entry into A&A repository; maintaining POA&M dashboard; producing POA&M metrics and reports for leadership; Ensuring data quality of POA&M entries in the A&A repository; Reviewing artifacts thoroughly prior to submitting for closure requests; Identifying overdue POA&Ms and assisting SO in devising correction action plans; Conducting root cause analysis of POA&Ms and providing recommendations for addressing the underlying cause or trend; Coordinate with ISSM and SO for POA&Ms that may require risk acceptance from the AO; Coordinating with the Security Architecture and Engineering (SAE) Team and SO to address POA&Ms that may require security configuration baseline (SCB) updates; Monitoring the progress of corrective actions and updates as event occur; and verifying POA&M artifacts quality thoroughly prior to submitting for closure requests.

• Support a wide array of ongoing tasks at the discretion of the COR. These tasks include but are not limited to aspects of the Risk Management Framework (RMF) process (Security Control Assessments, Assessments and Authorizations, and continuous monitoring).

Minimum Qualifications:

• 10+ Years of Experience years of demonstrated hands-on experience and knowledge with NIST SP 800-37 Risk Management Framework, 800-60, 800-53, 800-53A, FIPS199, FISMA, FedRAMP, NIST SP guidance and other federal cybersecurity-related policies, directives, and mandates.

• Demonstrated experience with system/application security, risk management, information assurance third party management and risk remediation

• Demonstrated experience performing risk management activities developing and maintaining System Security Plans (SSPs), Plan of Action and Milestones (POA&M), and developing Executive-level briefings

• Demonstrated ability to work independently under general direction

Preferred Qualifications:

• 10+ years as Subject Matter Expert (SME) with NIST SP 800-37 Risk Management Framework, 800-60, 800-53, 800-53A, FIPS199 (and related OMB and NIST guidance)

• 5+ year experience using the Cyber Security Assessment and Management (CSAM) tool

• 5+ years performing risk management activities developing and maintaining System Security Plans (SSPs), Plan of Action and Milestones (POA&M), and developing Executive-level briefings

• 2+ years’ experience with Qmulos

Clearance Requirements:

• Must be a U.S. Citizen and be willing and able to obtain a Public Trust prior to starting this position

Physical Requirements:

• The person in this position must be able to remain in a stationary position 50% of the time. Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers, via email, phone, and or virtual communication, which may involve delivering presentations.

The projected compensation range for this position is $92,900.00-$154,100.00. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories.  In addition, ManTech invests in it’s employees beyond just compensation.  ManTech’s benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, Short Term and Long Term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections.

ManTech International Corporation considers all qualified applicants for employment without regard to disability or veteran status or any other status protected under any federal, state, or local law or regulation.
If you need a reasonable accommodation to apply for a position with ManTech, please email us at careers@mantech.com and provide your name and contact information.