What You'll Get to Do:
Under limited direction, the Information Systems Security Manager (ISSM) is primarily responsible for the development, administration and management of information systems and security procedures for company and customer systems and networks supporting multiple customers.
The ISSM will be responsible for a portfolio of programs potentially spalling Collateral, SCI, and SAP/SAR levels. The candidate will support information system life cycle activities from rapidly establishing systems to support classified proposals, to scoping systems for new programs and preparing Risk Management Framework packages, to regular maintenance, support and upgrades of systems during program execution, to program close-out and de-certification activities.
More About this Role:
Duties and Responsibilities:
Responsible for ensuring Information System Compliance with the potential to span multiple business areas or programs.
Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
Maintain thorough understanding of NIST 800-53 controls, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM).
Monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems.
Communicate and coordinate Information Systems Security policy across their organization and work with government agencies to obtain rulings, interpretations, and acceptable deviations for compliance with regulations.
Establish, document, implement, and monitor the IS Security Program and related procedures for the facility and ensure compliance with IS security requirements.
Prepare and maintain Systems Security Plans (SSP) which accurately reflect the installation and security provisions of the system.
Ensure that each SSP has been implemented, that the specified security controls are in place and properly tested, and that the IS in functioning as described in the SSP.
Evaluate proposed changes or additions to the SSP and collaborate with customers for systems approvals.
Utilize automated tools to document certification and accreditation requirements.
Conduct on-going security reviews and tests for information systems to periodically verify that security features and operating controls are functional and effective.
Ensure that periodic self-inspections of the facility's IS Program are conducted as part of the overall facility self-inspection program.
Ensure the development, documentation and presentation of IS security education, awareness, and training activities for facility management, IS personnel, users, and others as appropriate.
Ensure personnel are trained on the IS's prescribed security restrictions and safeguards before they are initially allowed to access a system.
Identify and document unique local threats/vulnerabilities to IS.
Report IS security incidents to the CSA. Ensure action is taken when an incident/vulnerability has been discovered.
You'll Bring These Qualifications:
Experience as an ISSM/ISSO implementing NISPOM Chapter 8, JAFAN 6/3, DCID 6/3, ICD 503, and/or JSIG IS requirements in a SAP/SCI environment.
Experience developing IS security plans, policy and procedures for Local Area Network (LAN) Information Systems and Wide Area Network (WAN) Information systems
Experience with both Windows and Linux operating environments.
Must be able to obtain a Top Secret government security clearance.
ISSM experience on Special Access Programs (SAPs)
Working knowledge with the Risk Managed Framework (RMF)
Familiarity conducting vulnerability scans.
Ability to draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, SCTM)
What We Can Offer You:
We've been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.
For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.
Caci International Inc.