Information Assurance Security Engineer/Information System Security Engineer Level 2

CACI International•Suitland, MD

About The Position

CACI is seeking a skilled and experienced Information Assurance Security Engineer/Information System Security Engineer (Level 2) to join our dynamic team to support a DoD client in Suitland, MD. The ideal candidate will have a robust background in security engineering, with extensive experience in implementing and managing security protocols and frameworks within the Department of Defense (DoD), Intelligence Community (IC), and other relevant government entities. This role requires a deep understanding of security engineering practices, system/software design, and enterprise architecture security.

Requirements

TS/SCI Clearance
BS/BA in Computer Science, Electrical Engineering, Information Technology, Information Assurance, or a related field is desired.
Minimum of 5 years of Security Engineering experience.
Experience with DIACAP/DoD RMF, DCID 6/3, ICD-503, and/or NIST Risk Management Framework.
Experience with IC, DoD, DISA, NAVINTEL IA, FLTCYBERCOM, and DoDIIS processes, tools, systems, reporting mechanisms, and requirements for C&AIA&A.
General knowledge of DoD, IC, and national-level system security initiatives and secure Information/LAN/WAN technologies.
Adherence to the DOD Information Assurance Workforce Improvement Program requirements, per DOD 8570.01-M.
Effective interpersonal and customer relations skills.
Strong oral and written communication skills.

Nice To Haves

Certified Information Systems Security Professional (CISSP)
Information Systems Security Engineering Professional (ISSEP)
Certified Advanced Security Practitioner (CASP)

Responsibilities

Implement and manage security engineering practices within the System/Software Development Life Cycle (SDLC) Process.
Ensure compliance with DIACAP/DoD RMF, DCID 6/3, ICD-503, and NIST Risk Management Framework.
Contribute to system/software design, enterprise architecture security, integration, testing, system administration, application administration, training, deployment, and Operations & Maintenance (O&M).
Install, administer, and manage host-based and network-based vulnerability and compliance scanning tools.
Utilize Security Content Automated Protocol (SCAP) based and STIG compliance tools and specifications.
Harden modern operating systems (Unix and MS Windows) using Security Technical Implementation Guides (STIG).
Secure systems/software in accordance with IC, DoD, and industry best practices.
Deploy and maintain Enterprise-wide network-based scanning and reporting tools (e.g., HBSS/ESS, ACAS, RedSeal, Evaluate-STIG, SteelCloud ConfigOS, STIG Manager, etc.) to support compliance testing and continuous monitoring.
Develop security controls, testing methodologies, and test procedures for systems, cloud-based architectures, and Cross Domain Solutions (CDS).
Provide effective interpersonal and customer relations support.
Communicate effectively both orally and in writing to ensure clear understanding and implementation of security protocols.