Information System Security Engineer (Up To 25% Profit Sharing)

Caci International Inc. Sterling , VA 20164

Posted 2 months ago

Job Description:

CACI seeks a talented Information Systems Security Engineer to join our Advanced Solutions Group, within the National Security and Innovative Solutions Sector. We enable national security missions through creation and delivery of innovative, technology-centric solutions that provide decision advantage to our customers. Our client engagement processes, the way we collaborate, operate and deliver value provides an unparalleled opportunity to grow and advance.

This position will provide Information Assurance support for various information systems throughout the system development lifecycle. Our ISSE must be comfortable with providing customer and program teams with input as to how to meet various security requirements.

This opportunity offers very rewarding and unique benefits, which equates to 50% of compensation on TOP of your base salary! The first part is a tax-qualified profit-sharing retirement plan, to which CACI annually contributes up to 25% of your base salary (not in excess of applicable IRS limits) to your retirement account. The second component consists of an Individual Benefit Account (IBA), which is used for premiums, medical reimbursements, dependent care, education and Paid Time Off (PTO) policy. Both components of the benefit package are paid for by CACI, in addition to your base salary and potential performance bonuses. We believe in a healthy home/work balance and our locations offer a wide variety of activities to balance with your work life.

What You'll Get to Do:

  • Navigating projects through the RMF process to achieve IATT and ATO

  • Writing NIST 800-53 responses to security controls, including inherited, shared, or systems level controls

  • Providing technical guidance regarding the system's Assessment and Authorization (A&A) process

  • Participating in security testing and assessments

  • Prepare, Present, and Maintain all security related documentation for system including, but not limited to, system security plan, body of evidence, Plan of Action and Milestones (POAM), and Certification and Accreditation (C&A) documentation leveraging online record keeping systems

  • Identifying missing, inaccurate, or duplicate data

  • Establishing and maintaining strong relationships with the organization's Information Systems Security Managers (ISSM) and seeking guidance for approval, as needed

  • Working with the team to mitigate the risk elements (POAMs) identified during assessment and seeking validation from enterprise security depending on level of risk element

  • Facilitating and attending Technical Exchange Meetings (TEMs) with engineers and other partners to gather requirements for project registration and control implementation

  • Supporting weekly and ad hoc reporting requirements

  • Preparing and presenting briefing material

You'll Bring These Qualifications:

  • Typically requires bachelor's degree or equivalent and 7 plus years of directly related experience

  • Minimum of 7 years ISSE /System Engineering experience, or directly related.

  • Experience with implementing NIST 800-53 controls/ICD 503

  • Knowledge of the NRO environment and the Xacta 360 tool to navigate projects through the RMF process to achieve IATT & ATO

  • Experience participating in Assessment and Authorization (A&A) process

  • Experience preparing systems security documentation (e.g., security plans, risk assessment reports, Plan of Actions and Milestones (POA&Ms), etc.)

  • Experience with Continuous Monitoring, mitigating scan findings, maintaining network cut sheets/PPS sheets

  • Experience with system integration and hardening in the NRO cloud environment

  • Experience working with engineers and system administrators to correct scan findings / system vulnerabilities

  • Must have a current and active TS/SCI with CI Polygraph to begin employment

  • Must have current Security+ Certification or another DoD 8570 Complaint IA Certification, or ability to obtain immediately upon hiring

  • Vulnerability assessment scanning experience (Security Center/NESSUS)

These Qualifications Would be Nice to Have:

  • Information Systems Security Officer (ISSO) knowledge and/or experience

  • Experience with developing test plans for information systems

  • Demonstrated experience with Linux (Red Hat)

  • Experience with DevSecOps

  • Familiarity with code quality and code analyzing security tools

  • Experience with Amazon Web Services (AWS): Should have current or ability to obtain an Amazon Cloud certification, such as AWS Certified Solutions Architect

  • Associate or AWS Certified Security Specialty
  • Audit log review: ability to query and perform analysis in Netwitness, Splunk, etc

What We Can Offer You:

  • We've been named a Best Place to Work by the Washington Post.

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

  • We offer competitive benefits and learning and development opportunities.

  • We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.

  • For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.

Job Location

US-Aurora-CO-DENVER

CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer

  • Females/Minorities/Protected Veterans/Individuals with Disabilities.
icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Systems Security Engineer (Isse) (Up To 25 Profit Sharing Benefit)

Caci International Inc.

Posted 2 months ago

VIEW JOBS 10/16/2020 12:00:00 AM 2021-01-14T00:00 Job Description This opportunity offers very rewarding and unique benefits, which equates to 50% of compensation on TOP of your base salary! The first part is a tax-qualified profit-sharing retirement plan, to which CACI annually contributes up to 25% of your base salary (not in excess of applicable IRS limits) to your retirement account. The second component consists of an Individual Benefit Account (IBA), which is used for premiums, medical reimbursements, dependent care, education and Paid Time Off (PTO) policy. Both components of the benefit package are paid for by CACI, in addition to your base salary and potential performance bonuses. We believe in a healthy home/work balance and our locations offer a wide variety of activities to balance with your work life. What You'll Get to Do: You will perform Information System Security Engineering support for various information systems throughout the system development lifecycle. You will have the opportunity to assist in system hardening, prepare comprehensive assessment testing procedures, system scanning, documentation, and support the engineering team by providing direct input on the information system design in order to obtain a successful Authorization to Operate. Additionally, you will maintain some operational systems as the primary systems administrator. Duties and Responsibilities: * Execution of the Assessment & Authorization (A&A process in accordance with government requirements (e.g. ICD-503). * Ensure that accreditation data is maintained within customer databases (e.g. Xacta). * Conduct research in multiple areas, to include emerging technologies, vulnerability information, system hardening (e.g. STIGs), operating systems, application software and security tools. * Prepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testing. * Provide technical guidance focused on information security architecture. * Generate security accreditation artifacts to include, but not limited to Security Requirements Traceability Matrix, Security Plans, Certification Test Plans, and Continuous Monitoring Plans. * Perform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as required to comply with security requirements. * Performing hardening of operating systems, COTS product and OpenSource products as required to support compliance with security requirements. * Provide technical engineering services for the support of integrated security systems and solutions * Assesses and mitigates system security threats, risks and vulnerabilities throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system operations. * Apply knowledge of IA policies and procedures disseminated by the customers organization * Perform day-to-day administration and maintenance of operational systems You'll Bring These Qualifications: * 10 years of related work experience and a Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline * An active TS/SCI clearance is required with BI date in last 3 years. * Must have a current certification compliant with DoD 8570 IAM or IAT level 3 OR obtain certification within 6 months of hire and maintain certification throughout employment. * Knowledge of IA principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation. * Ability to develop best practices for processes and standards that will better the system. * Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption). * Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]). * Knowledge of security system design tools, methods, and techniques. These Qualifications Would be Nice to Have: * Experience with ICD 503 and working knowledge of Risk Management Framework as outlined in NIST SP 800-37. * Working knowledge of information system security controls and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A. * Knowledgeable in continuous monitoring processes as outlined in NIST SP 800-137 appropriate for systems, leveraging existing tools, efforts, and incorporating new automation techniques. * Knowledgeable in information system vulnerability analysis and management. * Experienced in system testing methodologies that include: Penetration testing, Configuration analysis, Security best practices validation * Experienced in security testing and penetration tools such as: Backtrack, Assured Compliance Assessment Solution (ACAS), Wireshark, Retina, Tripwire * Experience with Security Content Automation Protocol (SCAP) or OpenSCAP scanning tools. * Experience managing McAfee ePolicy Orchestrator * Experience managing Windows Server Update Services (WSUS) * Experience maintaining COMSEC materials * Knowledgeable in Cyber Incident handling. * Experienced in using the XACTA application. What We Can Offer You: * We've been named a Best Place to Work by the Washington Post. * Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. * We offer competitive benefits and learning and development opportunities. * We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities. * For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success. Job Location US-Sterling-VA-VIRGINIA SUBURBAN CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities. Caci International Inc. Sterling VA

Information System Security Engineer (Up To 25% Profit Sharing)

Caci International Inc.