Do you strive to make an impact? Love cutting edge technologies and new challenges? If Yes, please read more about an exciting new program at CACI!
The Air Force Integrated Personnel and Pay System (AFIPPS) will seamlessly add payroll and leave management capabilities to the Military Personnel Data System, creating a single, web-based Enterprise Resource Planning software solution streamlining existing Air Force personnel and pay processes into a single self-service system for the three AF military components: Regular Air Force, AF Reserve, and Air National Guard. The system will configure the appropriate Oracle e-Business Suite Commercial-Off-The-Shelf software application modules to satisfy AF business processes and integrate the product with MilPDS, which is based on Oracle’s EBS Human Capital Management application. The delivered solution will result in table-level integration of human resource and pay data supporting a single instance of Oracle EBS, making life easier for the end user by reducing redundancy, eliminating superfluous manual process, and ensuring timely pay for all. The AFIPPS solution will subsume and supplant the existing pay and benefits computation and disbursement processes of the Defense Joint Military Pay System and the functions of LeaveWeb. It will have AF-wide applicability, encompassing military airmen in all AF components and levels of duty status exclusive of retirement pay.
Performs cybersecurity functions designed to protect networks, computers, programs and data from attack and unauthorized access. Provides information assurance engineering and administration services to ensure secure, reliable, and uninterrupted availability of Air Force Human Capital IT systems and network. Operates as an expert in all aspects of information security. Manages security systems and analyzes potential threats and vulnerabilities. Develops new and complex security systems, including hardware and software. Oversees technical incident response and remediation activities. Provides security analysis and consultation services for product, system and network architecture designs. Analyzes network traffic and alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms. Launches and tracks investigations to resolution. Composes and sends alert notifications. Analyzes and reviews security findings and data. Publishes reports and keeps metrics for client systems. Identifies trends and root causes of system failures or vulnerabilities. Ensures that Information Systems Security policies, procedures, and practices are compliant with prescribed directives. Oversees accomplishment of user security training and may supervise a team of security specialists.
Ensuring that the architecture and design of information systems are functional and secure.
Assessing threats to environment and providing input on adequacy of security designs/architectures.
Designing and developing IA or IA enabled products, interface specifications, and approaches to secure the environment as necessary.
Ensuring completeness of work and adherence to software development and configuration management plans, requirements specifications, and quality standards.
Participating in team and client meetings to promote effective project communications code reviews, user demonstrations, etc.
Supporting test events and working closely with development team to resolve issues as required.
Responsible for system Assessment and Authorization to create and maintain security-related artifacts for existing and new solutions, and relevant appendices development/maintenance, etc.
Knowledge and ability to perform requirements analysis and system/network security design
Develop and maintain POA&M for all accepted risks upon completion of system A&A.
Manage, monitor, and review security audit and intrusion detection system logs for attacks and anomalies
Periodic vulnerability assessments of system/sub-system components
IA Policy/procedure development, implementation and enforcement
Collaborate with Technical Integration Team on aspects of solution design and development; participates in all internal and client reviews.
Conduct response to security incidents.
Coordinate with government accreditors for all matters related to system security – scheduling, testing, documentation, etc.
Application of the Risk Management Framework (RMF) for Air Force Systems
Develop and execute security control assessments of new and existing information systems
Support security staff in performing security compliance inspections to include cyber security reviews of existing security authorization packages and continuous monitoring plans
Provide feedback on security related system design documents, test plans and scenarios, and other associated artifacts
Bachelor's degree in Cyber Security or other technically relevant degree from an accredited university
Holds an active Secret clearance, with the ability to obtain a Top-Secret clearance if required
Holds an active CompTIA Security+ Certification
10-12 Years of IT experience, with at least 6 years of experience in information assurance or information security accrediting information, developing policy, or management of information assurance programs.
Demonstrated on-the-job experience with the DoD and AF certification and accreditation policies, specially DoDI8510.01, Risk Management Framework (RMF) for DoD Information Technology and AFI
Demonstrated understanding of the support activities and requirements documented in DoDI 8520.02 regarding Public Key Infrastructure (PKI) and Public Key Enabling that are required to achieve standardized PKI supported capabilities for biometrics, digital signatures, encryption, identification and authentication.
Demonstrated experience ensure that applications are compliant with DISA’s Application Security Development Security Technical Implementation Guide (STIG).
Experience executing and reviewing source code scans using tools such as HP Fortify to identify potential vulnerabilities for remediation
Demonstrated understanding of security controls and related standards within a Federal DoD environment
Knowledge of cyber security engineering, and experience with Linux, Windows and virtual platforms
Demonstrated ability to work as part of an integrated team, as well as independently.
Strong interpersonal and relationship building skills conducive to team building.
Critical thinking and problem solving
Excellent verbal and written communication
Ability to manage multiple projects in a fast-paced environment
Active CISSP certification
Demonstrated ability to lead a small team of cybersecurity professionals
Five or more years’ experience with virtual environments
Three or more years’ support for the accreditation of ERP based business systems within a DoD environment
Good understanding of established and emerging network technologies
Experience interacting with senior-level government executives
Expertise in DISA implementation and administration.
Demonstrated ability to understand and translate business issues into technical requirements and design specifications