Information Assurance Security Engineer/Information System Security Engineer Level 3

CACI International•Suitland, MD

About The Position

CACI is seeking a skilled and experienced Information Assurance Security Engineer/Information System Security Engineer (Level 3) to join our dynamic team to support a DoD client in Suitland, MD. The ideal candidate will have a robust background in security engineering, extensive experience with Department of Defense (DoD) and Intelligence Community (IC) security frameworks, and a proven track record in implementing security practices throughout the System/Software Development Life Cycle (SDLC). This role requires a proactive, results-oriented individual with exceptional interpersonal and communication skills.

Requirements

TS/SCI Clearance
BS/BA in Computer Science, Electrical Engineering, Information Technology, Information Assurance, or a related field.
Minimum of 8 years of Security Engineering experience.
5+ years of software development experience in Java, C, C++, or other programming or scripting languages.
Extensive experience with DIACAP/DoD RMF, DCID 6/3, ICD-503, and NIST Risk Management Framework.
Proven experience with IC, DoD, DISA, NAVINTEL IA, FLTCYBERCOM, and DoDIIS processes.
Experience implementing security engineering practices in the SDLC.
General knowledge of DoD, IC, and national-level system security initiatives and secure Information/LAN/WAN technologies.
Must possess Certified Information Systems Security Professional (CISSP) certification prior to reporting onboard.
Exemplary proactive, results-oriented interpersonal and customer relations expertise.
Strong team-building skills.
Effective oral and written communication skills.

Nice To Haves

MS preferred.
Minimum of 2 years of Project Management experience preferred.
Information Systems Security Engineering Professional (ISSEP) preferred.
Certified Advanced Security Practitioner (CASP) preferred.

Responsibilities

Security Engineering: Implement and maintain security engineering practices in accordance with DIACAP/DoD RMF, DCID 6/3, ICD-503, and NIST Risk Management Framework. Ensure compliance with IC, DoD, DISA, NAVINTEL IA, FLTCYBERCOM, and DoDIIS processes, tools, systems, reporting mechanisms, and requirements for C&AIA&A.
System/Software Development: Design, develop, and integrate security features into systems and software. Conduct security testing, system administration, application administration, training, deployment, and O&M.
Scanning and Hardening: Design and develop host-based and network-based scanning tools. Utilize SCAP-based tools and specifications for compliance testing and continuous monitoring. Harden modern operating systems (Unix and MS Windows) using Security Technical Implementation Guides (STIG).
Project Management: Manage security-related projects, ensuring timely delivery and adherence to security standards. Collaborate with cross-functional teams to implement security controls and best practices.
Documentation and Reporting: Develop security controls, testing methodologies, and test procedures for systems, cloud-based architectures, and Cross Domain Solutions (CDS). Prepare comprehensive reports and documentation for security assessments and compliance reviews.
Customer Relations: Provide exemplary customer service and build strong relationships with stakeholders. Communicate effectively both orally and in writing to convey complex security concepts and solutions.