Summary: CACI is in search of an Information Assurance Specialist. In this role, you will work closely with the government Information Assurance Manager (IAM) in implementing DoD and Air Force Policy on the DC3 networks. Member of a team of IA professional's responsible providing policy analysis, information sharing requirements, Certification and Accreditation support for multiple classified and unclassified networks.
Duties and Responsibilities:
- Responsible for creating and validating system security requirements, establishing and implementing security designs in hardware, software, data, and procedures. Will conduct technical risk and vulnerability assessments of planned and installed information systems as well as assess and mitigate system security threats/risks throughout the system life cycle.
- Responsible for preparing documentation such as Risk Assessment Reports (RARs) for the ISSM/CISO, System Security Plans (SSPs), Development of Plan of Action & Milestones (POA&Ms) to ensure compliance with Government and DC3 Cybersecurity policies and procedures. Will assist the ISSM/ISSO with the generation of cybersecurity documentation for system hardware and software assessments; assess the performance of IA Security controls for assess and authorize and assess only networks
EDUCATION & EXPERIENCE:
Typically requires a bachelor's degree or equivalent and five to seven years of related experience.
- Demonstrated Risk Management Framework (RMF) experience
- Experience with IA/Cybersecurity policy implementation
- Experience handling Federal C&A activities to include experience with eMASS (submission, validation and updates as needed)
- Experience performing computer systems security risk analysis and assessment.
- Experience implementing and validating Security Technical Implementation Guidance (STIG) and Security Requirements Guidance (SRG) for applications, familiarity with DOD network architecture and network engineering practices, hardening Windows/LINUX operating system
DOD 8570/8140 Certification: (CISSP, CISM, GSLC, CASP, CAP)
- DoD SCCVI, HBSS, ACAS and CMRS experience
- TS Clearance with ability to obtain SCI
- Experience with Department of Defense Test & Evaluation (T&E) practices for Cybersecurity to include validation of Security Control Requirements, STIG/SRG/Customer Centric requirements and document findings in a formalized reporting format.
- Experience analyzing and defining security requirements.
- Strong analytical and organizational skills with excellent communication skills (written and verbal communications) and have the ability to work in a dynamic work environment.
- FISMA experience
- Exceptional communication, interpersonal, problem solving, analytical and organizational skills.
- Ability to work well both independently and as part of a team
Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.