Information System Security Officer (ISSO)

About The Position

Requirements

• Must be a U.S. Citizen, with an active Government security clearance.
• College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline or equivalent years of experience.
• Certifications: Must have Security+ Certification or equivalent DOD 8570 IAT Level 2 certification. CISSP certified a plus.
• Demonstrated knowledge of National/DoD/Army Directive security policies.
• Demonstrated knowledge of directive, guidelines, processes, and procedures for maintaining the security, integrity, and confidentiality of secure facilities, containers, and communications.
• Demonstrated experience using Army or equivalent eMASS.
• Demonstrated experience with Assured Compliance Assessment Solution (ACAS)/Tenable Nessus Vulnerability Scanner
• Demonstrated experience with DISA Security Content Automation Protocol (SCAP), Evaluate STIG (eSTIG), and STIG Viewer v3 required
• Demonstrated knowledge of DOD RMF accreditation implementation
• Ability to identify and manage risk.
• Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement.
• Excellent written and verbal communication skills.
• Strong collaboration skills and desire to work within a team.
• Understanding of all elements of the DOD Cybersecurity policies and requirement
• Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter
• 10+ years related technical experience.

Nice To Haves

• Experience with Unified Communications (UC) technology, telecommunications/Voice over IP (VoIP)
• Demonstrated experience with Linux v8+, Windows Server 2019 and above, and VMWare Cloud Foundation (VCF).
• Demonstrated familiarity and experience with Firewalls, Intrusion Prevention Systems, Web Gateways, and/or enterprise Antivirus software technologies.

Responsibilities

• The ISSO is responsible for the Information Assurance and Security system and network services.
• Responsible for activities associated with delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects
• Meet the government’s cybersecurity accreditation process to achieve an Authority to Operate (ATO).
• Maintain the Security Authorization or Authorization to Operate (ATO) of assigned systems and conduct initial and annual risk assessments.
• Identify required STIGs and guide system certification based on project requirements.
• Prepare a certification package, including STIG assessment and documentation, vulnerability and scan assessments, and conduct quarterly software security reviews.
• Ensure all security measures comply with applicable government policies.
• Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, SCTM)
• Develop, monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned facilities and Information Systems
• Participate in internal and external security audits and inspections and perform risk assessments.

Benefits

• Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
• We offer competitive compensation, benefits and learning and development opportunities.
• Our broad and competitive mix of benefits options is designed to support and protect employees and their families.
• At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.