Information Systems Security Officer

About The Position

Requirements

• B.S. in Information Technology/Systems, Computer Science, Computer Engineering, or Electrical Engineering OR 6–8 years of related experience without a bachelor’s degree
• 3–5 years of related experience with a bachelor’s degree
• Active DoD SECRET (or higher) security clearance
• Must hold at least one active DoD 8570.01-M IAT/IAM Level II certification (such as): CCNA-Security CySA+ GICSP GSEC Security+ CE CND SSCP CAP CASP+ CE CISM CISSP (or Associate) GS
• Advanced knowledge of IT and networking, including working knowledge in one or more of the following: IP Networking, cybersecurity, software development
• Advanced understanding of Windows Server, Active Directory, DHCP, DNS, and WSUS/SCCP
• Advanced knowledge of Microsoft Windows, Linux, and other required software applications
• Minimum 5 years monitoring system NIST compliance using workflow tools
• Minimum 3 years using eMASS for system certification and accreditation tracking
• Minimum 3 years of practical experience transitioning to and operating within the DoD RMF
• Understanding of system controls and their impact on system security
• Experience performing initial risk assessments and supporting Authorizing Official (AO) risk determinations

Nice To Haves

• Additional or advanced cybersecurity certifications beyond the required list
• Broader experience across multiple DoD programs or environments
• Experience with emerging cybersecurity frameworks or automation tools related to RMF or NIST compliance

Responsibilities

• Provide inputs to ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security plan.
• Coordinate Assess and Authorize (A&A), Configuration Management (CM), and Release Management requirements for the client's systems in accordance with DoD Instructions
• Ensure application, system, environment, or organizational changes do not have an adverse effect on the security posture of the system security compliance and assessment
• Monitor and validate vulnerability postures in Assured Compliance Assessment Solution (ACAS), and ensure all systems comply with DISA Security Technical Implementation Guidelines (STIG)s and with CSSP HBSS requirements
• Verify the implementation of delegated aspects of the system security program locally as well as across customer related systems.
• Preparation and submission of Authority to Operate documentation to eMASS and XACTA
• Ensure audit records are collected and analyzed in accordance with the security plan.
• Report all security-related incidents to Facility Security Officer and assist with formal reporting to impacted customers and DCSA oversight.
• Formally notifying the customer(s) of any changes to a system that could affect authorization to operate.
• Ensure user activity monitoring data is analyzed, stored, and protected in accordance with the DCSA policies and procedures.
• Assist ISSM in execution of the continuous monitoring strategy.
• Development and oversight of cyber security awareness training program.
• Travel to other locations or customer sites as necessary.
• Perform other duties as assigned.
• Identify system security requirements in accordance with DCSA and NISPOM policy.
• Configure cyber security tools to ensure auditing and vulnerability management controls are met.
• Work in a team environment.

Benefits

• Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
• We offer competitive compensation, benefits and learning and development opportunities.
• Our broad and competitive mix of benefits options is designed to support and protect employees and their families.
• At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.