Information Systems Security Engineer (ISSE)

About The Position

Requirements

• Education: B.S.; Information Technology/Systems, Computer Science, Computer Engineering, Electrical Engineering
• Experience: up to 5 years related experience
• An understanding of the relationship between system controls and how they affect system security
• A minimum of 5 years monitoring system NIST compliance using available workflow tools
• A minimum of 3 years using eMASS as a system certification and accreditation tracking tool
• A minimum of 3 years of practical experience transitioning to and operating within RMF in DoD applications
• Experience in initial risk assessment activities and ability to assist Authorizing Official risk determination with risk acceptance
• Possess active TS security clearance
• Advanced knowledge of information technology and networking, including a working knowledge in one of the following: IP Networking, cyber security, or software development
• Advanced knowledge and understanding of Windows Server, Active Directory, DHCP, DNS and WSUS/SCCP
• Advanced knowledge of Microsoft Windows and Linux software applications and other applications as required
• Must hold at least one active Department of Defense 8570.01-M IAT/IAM Level III certification.
• CASP+CE
• CCNP Security
• CISA
• CISSP (or Associate)
• GCED
• GCIH
• CCSP
• CISM
• GSLC
• CCISO

Responsibilities

• Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security plan.
• Assess and Audit (A&A), Configuration Management (CM), and Review Management requirements for the client's systems in accordance with DoD Instructions
• Ensure application, system, environment, or organizational changes do not have an adverse effect on the security posture of the system security compliance and assessment
• Monitor and validate vulnerability postures in Assured Compliance Assessment Solution (ACAS), and ensure all systems comply with DISA Security Technical Implementation Guidelines (STIG)s and with CSSP HBSS requirements
• Verify the implementation of delegated aspects of the system security program locally as well as across customer related systems.
• Preparation of Authority to Operate documentation to eMASS and XACTA
• Prepare and conduct periodic assessments of authorized systems and provide the ISSO and ISSM with corrective action plans for all identified findings and vulnerabilities.
• Ensure audit records analyzed in accordance with the security plan.
• Report all security-related incidents to Facility Security Officer and assist with formal reporting to impacted customers and DCSA oversight.
• Formally notifying the customer(s) of any changes to a system that could affect authorization to operate.
• Ensure user activity monitoring data is analyzed, stored, and protected in accordance with the DCSA policies and procedures.
• Develop and execute the continuous monitoring strategy.
• Development and oversight of cyber security awareness training program.
• Travel to other locations or customer sites as necessary.
• Perform other duties as assigned.
• Work in a team environment.

Benefits

• Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
• We offer competitive compensation, benefits and learning and development opportunities.
• Our broad and competitive mix of benefits options is designed to support and protect employees and their families.
• At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.