Information Assurance Engineer/ISSO

About The Position

Requirements

• College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline
• Must be available to work 100% onsite in Sterling, VA.
• Certifications: minimum Security+ CE or equivalent
• Demonstrated knowledge of NIST Information Technology Security Special Publications (SP) 800 series, with emphasis on NIST SP 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems” and NIST SP 800-53A, “Guide for Assessing the Security Controls in Federal Information Systems”
• 7+ years related technical experience
• Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement
• Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas
• Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness
• Experience with continuous integration tools and environments
• Demonstrated experience with DISA Security Technical Implementation Guide (STIG) implementation and Security Content Automation Protocol (SCAP) tool usage
• Active Top Secret clearance with SCI eligibility.

Nice To Haves

• CISSP or CASP preferred.
• Excellent written and verbal communication skills
• Strong collaboration skills and desire to work within a team
• Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter

Responsibilities

• Perform all Information System Security Officer (ISSO) duties and responsibilities in accordance with DODI 8500.01, DODI 8510.01.
• Support development and analysis of Assessment & Authorization (A&A) and Life Cycle Management documentation of systems and/or networks.
• Prepare and maintain Risk Management Framework (RMF) system accreditation Body of Evidence (BOE) packages using eMASS, XACTA, or other approved A&A tools, including System Security Plans, Risk Assessment Reports, System Requirements Traceability Matrices (SCTM), and other documentation as required by ICD 503, NIST 800-53, CNSSI 1254, or the Authorizing Official (AO).
• Assist with the development and maintenance of all necessary A&A documents
• Provide coordination, tracking, and management through all aspects of the initial and recurring A&A processes.
• Conduct independent assessments of all required security controls including interviews, examinations, and testing and prepare the assessment findings report.
• Work with system owners to resolve findings and answer questions.
• Perform cybersecurity review and validation services for cybersecurity authorization deliverables and record results.
• Support the Risk Management Framework (RMF) process using applicable tools.
• Attend and participate in required meetings or teleconferences.
• Continuous monitoring and plans of action and milestones (POA&M) management.
• Work in a multi-task in a dynamic, fast-paced environment.
• Provide analytical, communication and troubleshooting skills that enable proactive and effective collaboration, including the ability to clearly articulate status and present to both customers and program leadership.

Benefits

• Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.