What you’ll get to do: CACI is looking for an Information System Security Officer to join our team of passionate security professionals in our Reston Town Center office. You will be a key contributor to the security team and will assist in administering, implementing and managing Information Assurance (IA) Program for a CACI company.
You'll be well versed in all technical aspects of the position requirements and will act as liaison for all IA relevant tasking between customer security and project management to ensure coordination and resolve any IA related issues or concerns and be well-versed in multi-tasking across several IA tasks at the same time. You will thrive in a fast-paced environment with a bias for action. You should be able to build high-trust partnerships with management and other security team members, while being energetic, detail oriented, analytical, and self-starting.
More about this role: You will report to the Information System Security Manager (ISSM) and will:
Provide oversight of the information security program ensuring compliance with government and corporate security policies and procedures by working with team members, engineers, program security and management personnel.
Work with US Government Security Control Assessors (SCAs) and Authorizing Officials (AOs) to develop a comprehensive Risk Management Framework (RMF) package including System Security Plans (SSPs), Information Continuous Security Monitoring Plans, and a Body of Evidence to support system authorization.
Develop and implement the Security Requirements Document (SRD) and a System Configuration Specification (SCS), IAW ICD 503 and the customer C&A process.
Perform Information System (IS) self-inspections; provide security coordination and review of all system test plans.
Ensure that periodic self-inspections of the facility's IS Program are conducted as part of the overall facility self-inspection program and that corrective action is taken for all identified findings and vulnerabilities. Develop and implement certification tests as required.
Coordinate IS security related incidents, initiate investigations, and implement corrective actions and responses to incidents.
Analyze and advise on the risk and remediation of security issues through continuous monitoring based on reports from vulnerability assessment scanners, patch management tools, and emerging threat information.
Assess the impacts on system modifications and technological advances.
Proactively research security/compliance changes in governmental/industry regulations or best practices that may affect security policies.
Maintain, as required by the Authorizing Official, a repository for all system documentation and modifications.
Monitor system security audit logs weekly, investigating and reporting all anomalies to management.
Ensure all new personnel are trained prior to gaining access to classified networks.
Ensure development and implementation of procedures for authorizing the use of software, hardware and firmware on systems under their purview. Ability to work in coordination with our System Administration and Infrastructure teams.
Act as assistant COMSEC Custodian responsible for all COMSEC inventory and dissemination to contract personnel.
You’ll bring these qualifications:
Typically requires a bachelor's degree or equivalent experience and minimum 3 years related work experience.
System Administration background/Technical.
U.S. citizenship and minimum active TS/SCI Clearance with ability to obtain Poly.
Security+ or DoD 8570 equivalent for Information Assurance Technical (IAT) Level II certification, otherwise required within 6 months of hire.
Knowledge of specific IC, DoD, and Federal government A&A standards, processes and directives, particularly, ICD 503, IASD, CPBI 51E-1, JAFAN 6/3, JSIG, DSS ISFO (preferred).
Hands-on experience with Risk Managed Downloads, IS sanitization and destruction, PEDs, contaminations, incident response, virus scanning, privileged user access, and hardware/software configuration management.
Must be self-motivated and results oriented.
Must be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues.
Excellent written and oral communications and teamwork skills.
Working knowledge of technical specifications for SCIF construction and accreditations.
Self-starter able to take initiative within a fast paced, agile environment.
Must have excellent working knowledge of Microsoft applications: Excel, Word, PowerPoint.
Well organized and confident to work independently but be a strong team player.
Ability to effectively manage ambiguity and multi-task on a variety of initiatives.
These qualifications would be nice to have:
Customer related security training
Experience with Windows Operating Systems (Windows 7, Windows 2008 R2 Server).
Working knowledge of Microsoft Office (Word, PowerPoint, and Excel).
Experience in Virtualization technologies.
Experience with Risk Management Framework Life Cycle.
Education and Experience:
Bachelor’s Degree in Business with 3+ years of experience focused on Information Systems, IT, Information Assurance, Cyber Security, systems accredidations.
What We Can Offer You:
- We’ve been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
- For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.