Information Systems Security Officer (ISSO)

About The Position

Requirements

• An active DoD TS/SCI security clearance.
• Advanced knowledge of IT and networking (IP Networking, cyber security, or software development).
• Advanced understanding of Windows Server, Active Directory, DHCP, DNS, and WSUS/SCCP.
• Proficiency in Microsoft Windows and Linux software applications.
• At least one active Department of Defense 8570.01-M IAT/IAM Level III certification (e.g., CASP+CE, CCNP Security, CISA, CISSP, GCED, GCIH, CCSP, CISM, GSLC, CCISO).
• B.S. in Information Technology/Systems, Computer Science, Computer Engineering, or Electrical Engineering.
• 5-7 years of related experience.
• Understanding of system controls and their impact on system security.
• Minimum of 5 years monitoring system NIST compliance using workflow tools.
• Minimum of 3 years using eMASS for system certification and accreditation tracking.
• Minimum of 3 years transitioning to and operating within RMF in DoD applications.
• Experience in initial risk assessment and assisting Authorizing Official with risk determination and acceptance.

Nice To Haves

• Experience as an ISSO/ISSM managing systems approved to process classified information.
• Knowledge of Air Force cyber security policies.
• Experience submitting ATO documentation in eMASS and Xacta.
• Willingness and ability to quickly learn new technologies.

Responsibilities

• Overseeing Security Operations: Ensure systems are operated, maintained, and disposed of according to security policies and procedures.
• Coordinating A&A and CM: Manage Assess and Authorize (A&A), Configuration Management (CM), and Release Management requirements in line with DoD Instructions.
• Ensuring Security Compliance: Verify that changes to applications, systems, environments, or organizations do not compromise security posture.
• Monitoring Vulnerability Postures: Validate vulnerability postures in ACAS and ensure compliance with DISA STIGs and CSSP HBSS requirements.
• Verifying Security Program Implementation: Ensure the delegated aspects of the system security program are implemented locally and across customer-related systems.
• Submitting ATO Documentation: Prepare and submit Authority to Operate documentation to eMASS and XACTA.
• Conducting Assessments: Perform periodic assessments of authorized systems and provide corrective actions for identified findings and vulnerabilities.
• Analyzing Audit Records: Collect and analyze audit records in accordance with the security plan.
• Incident Reporting: Report security-related incidents to the Facility Security Officer and assist with formal reporting to customers and DCSA oversight.
• Continuous Monitoring: Develop and execute a continuous monitoring strategy.
• Cyber Security Training: Create and oversee a cyber security awareness training program.
• Travel: Visit other locations or customer sites as necessary.
• Team Collaboration: Work effectively in a team environment and perform other duties as assigned.

Benefits

• Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.