CACI Enterprise IT Operations has an opportunity for an Information Systems Security Engineer (ISSE) to support a large and complex IT enterprise program.
DUTIES and RESPONSIBILITIES:
As the Information Systems Security Engineer (ISSE) some of your duties are as follows:
-Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established information assurance (IA) standards and regulations, and recommend mitigation strategies.
-Validate and verify system security requirements definitions and analyze and establish system security designs.
-Provide expert level consultation and technical services on all aspects of Information Security.
-Apply leading-edge principles, theories, and concepts to the development, maintenance, and implementation of information security standards, procedures, and guidelines.
-Responsible for providing high level technical leadership focused on complex information security architecture.
-Perform security research, analysis, and design for all client computing systems and the network infrastructure.
-Responsible for the prevention, detection, investigation and response with respect to security threats and attacks.
-Facilitate and manage security vulnerability assessments and penetration tests.
-Plan and oversee configuration changes for major security infrastructure platforms.
-Develop, implement, and document formal security programs and policies throughout the program and monitors compliance to these policies and programs.
-Lead the technical aspects of internal security audits and investigations.
-Represent the program's technical security interests with partners, suppliers, industry associations, and government entities to ensure the bi-directional flow of technical information and best practices in information security.
-Manage and maintain a library of security audit tools, and corresponding processes that can be used for system security testing, internal audits, incident response, and diagnosis of security-related system issues.
EDUCATION & EXPERIENCE:
- Typically requires Bachelor's degree in Computer Science, IT Information Security, or a related discipline and 12 to 15 years of experience.
- Expertise in the areas of vulnerability and risk management.
- Working knowledge of IT security assessment and network vulnerability tools.
- Experience with large scale enterprise IT contracts.
- Security Certifications (Security+, Network+, CEH, CISSP, or equivalent)
- Experience working with IT customers within the Department of Defense.
Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.