CACI is currently looking for outstanding cyber security candidates to join our Assessments & Authorization (A&A) team to play a key role in securing information in a SAP based system for the United States Department of Agriculture. We are looking for at least 5+ years of experience, a bachelor’s degree or equivalent to apply your expertise in the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and Security Solutions to make certain that application security, A&A and security operations are in accordance with NIST and FedRAMP. The candidate will be responsible for providing high level technical expertise focused on a SAP Based Cloud cyber security architecture. The candidate will balance the consideration of security controls with the mission of the system while working with the CACI system Information Security Manager.
The candidate will apply their experience and of knowledge of A&A techniques, Cloud security, and best practices supporting U.S. Government Civil Agencies. Expected duties include but are not limited to:
Duties and Responsibilities
A working knowledge of several of the following areas is required: understanding of the NIST Cybersecurity Framework, NIST 800-53 and NIST 800-171 security controls and security practices and procedures; knowledge of Cloud system design, knowledge of privacy data security control implementation and implications to a system, knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, current FedRAMP requirements, and civil government agency cyber security requirements.
Ability to work independently with limited supervision and serve in the capacity of an Information System Security Officer.
Ability to manage projects and processes and develop solutions and perform the design, implementation or delivery of products, services, systems and solutions using specialized knowledge and skills (technical principles, theories and concepts) normally acquired through specialized training and/or advanced education
Ability to work with cross functional team members to design, develop, implement and document security solutions to obtain an Authority to Operate (ATO) of Cloud Systems in accordance with NIST and FedRAMP security requirements.
Responsible for the documentation of system design and implementation statements in Cloud System Cyber Security Asset Management (CSAM) profile.
Provides support for facilitating and helping the A&A team identify and implement security controls in accordance with NIST and FedRAMP security requirements.
Develops, implements, and documents security solutions and monitors compliance to these policies and contributes to the risk analysis and project support in the area of cyber security
Applies principles, theories, and concepts to the development and implementation of cyber security standards, procedures, and guidelines.
Monitors trends in information technology and security that could have an impact on the security of the organization’s products, processes, infrastructure, or customers.
Experience in NIST RMF
Experience in Cloud Security Practices
Experience with migrating government systems to a FedRAMP certified cloud
Experience in project leadership in planning, designing and implementing projects through completion
Experience using Microsoft Office products including Word, Excel and PowerPoint
Ability to work individually (self-motivated) and within a team environment
Ability to communicate effectively with:
Management – providing status information, suggesting corrective actions, and taking direction when decisions are made
Diverse customer organizations – accepting guidance and feedback on requirements and deliverables