Apply Now    

Application Security Specialists/Security Engineer Specialist

Req #: 201626
Location: San Antonio, TX US
Job Category: Information Technology
Security Clearance: Secret
Clearance Status: Must Be Current

Job Description

Do you strive to make an impact? Love cutting edge technologies and new challenges? If Yes, please read more about an exciting new program at CACI!

 

The Air Force Integrated Personnel and Pay System (AFIPPS) will seamlessly add payroll and leave management capabilities to the Military Personnel Data System, creating a single, web-based Enterprise Resource Planning software solution streamlining existing Air Force personnel and pay processes into a single self-service system for the three AF military components: Regular Air Force, AF Reserve, and Air National Guard. The system will configure the appropriate Oracle e-Business Suite Commercial-Off-The-Shelf software application modules to satisfy AF business processes and integrate the product with MilPDS, which is based on Oracle’s EBS Human Capital Management application. The delivered solution will result in table-level integration of human resource and pay data supporting a single instance of Oracle EBS, making life easier for the end user by reducing redundancy, eliminating superfluous manual process, and ensuring timely pay for all. The AFIPPS solution will subsume and supplant the existing pay and benefits computation and disbursement processes of the Defense Joint Military Pay System and the functions of LeaveWeb. It will have AF-wide applicability, encompassing military airmen in all AF components and levels of duty status exclusive of retirement pay.

DESCRIPTION

Performs application security functions within an Oracle E-Business Suite (EBS) environment.  The position includes the delivery of Security and Controls related implementations and assessments.  Daily responsibilities include the design and implementation of application end-user security, business process controls, interface and data conversion controls, and information technology (IT) controls.  As part of the Cyber Security team, the Security Engineer analyzes potential threats, trends and vulnerabilities and takes proactive steps to remediate the associated vulnerabilities.  Also, responsible for conducting root cause analysis, technical incident response and remediation activities especially as it relates to ensuring users have the approved set of roles and permissions.  Ensures that Information Systems Security policies, procedures, and practices are compliant with prescribed directives. 

RESPONSIBILITES

  • Design and implementation of application end-user security
  • Design and implementation of business process controls
  • Design and implementation of interface and data conversion controls
  • Design and implementation of additional information technology related controls in accordance with Air Force policy.
  • Establishment and maintenance of access controls and security policies within Oracle E-Business Suite through the definition of user roles, role inheritance hierarchies, role categories, registration processes and the assignment of roles to permissions and users to roles which specify the levels required to access application menus and data based on an analysis of user role and organizational affiliation
  • Identify and evaluate business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement and transformation
  • Lead security design activities
  • Review and comment on proposed application security controls for each of the product modules
  • Provide feedback on security related system design documents, test plans and scenarios, and other associated artifacts

REQUIRED QUALIFICATIONS

  • Bachelor's degree in Computer Science, Cyber Security, Information Systems or other technically relevant degree from an accredited university
  • Ability to obtain an active Secret clearance
  • Ability to obtain a CompTIA Security+ Certification
  • 10-12 Years of IT experience, with at least 5 years of experience implementing application user based security controls within Oracle E-Business Suite 
  • Well versed in the design, implementation, test and deployment of Oracle EBS security controls across the HCM and Global Payroll products version 12.2 or higher
  • Demonstrated Experience with Oracle EBS Security concepts across Oracle modules
  • Demonstrated Experience with Oracle EBS business processes, user provisioning and security maintenance
  • Demonstrated understanding of IT controls and related standards within a Federal DoD environment
  • Strong analytical and problem-solving skill

DESIRED QUALIFICATIONS

  • Understanding of segregation of duties frameworks
  • Strong writing and verbal communication skills
  • Demonstrated understanding of the support activities and requirements documented in DoDI 8520.02 regarding Public Key Infrastructure (PKI) and Public Key Enabling that are required to achieve standardized PKI supported capabilities for biometrics, digital signatures, encryption, identification and authentication. 
  • Knowledge of various software development lifecycle methodologies and experience working within an Agile SDLC preferably for a Federal Government customer
  • Demonstrated experience working within a DISA hosted environment
  • Demonstrated experience ensure that applications are compliant with DISA’s Application Security Development Security Technical Implementation Guide (STIG).
  • Experience executing and reviewing source code scans using tools such as HP Fortify to identify potential vulnerabilities for remediation
  • Experience with industry standard digital signature tools and integration of those tools with Oracle E-Business Suite.
  • Experience using Oracle Identity Management for identity and access management
  • Knowledge of various software development lifecycle methodologies and experience working within an Agile SDLC preferably for a Federal Government customer
  • Knowledge of Industry and Federal Government Security standards such as X.509, FIPS 140.2, SAML 2.0, WS Security, and applicable NIST related security standards
  • Familiarity with the DoD and AF certification and accreditation policies, specially DoDI8510.01, Risk Management Framework (RMF) for DoD Information Technology and AFI 17-101
  • Familiarity with agile software development


 

Job Location

US-San Antonio-TX-SAN ANTONIO


 

CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

Apply Now    
Link for schema