You haven't searched anything yet.
What You’ll Get to Do:
You will perform Information System Security Engineering support for various information systems throughout the system development lifecycle. You will have the opportunity to perform system hardening, prepare comprehensive assessment testing procedures, system vulnerability scanning and mitigation, system maintenance and configuration, documentation, and support the engineering team by providing direct input on the information system design to obtain and/or maintain a successful Authorization to Operate.
More About this Role:
Execution of the Assessment & Authorization (A&A process in accordance with government requirements (e.g. ICD-503)
Ensure that accreditation data is maintained within customer databases (e.g. SNOW)
Conduct research in multiple areas, to include emerging technologies, vulnerability information, system hardening (e.g. STIGs), operating systems, application software and security tools
Execute system configuration, and maintenance in support of the Security Engineering discipline
Prepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testing
Provide technical guidance focused on information security architecture
Generate security accreditation artifacts to include, but not limited to, Security Plans, Certification Test Plans, and Continuous Monitoring Plans
Track and fulfill liens associated with A&A activities as documented in the Plan of Actions and Milestones
Perform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as required to comply with security requirements
Perform guidance for hardening of operating systems, COTS product and OpenSource products as required to support compliance with security requirements
Provide technical engineering services for the support of integrated security systems and solutions
Assess and mitigate system security threats, risks, and vulnerabilities throughout the program life cycle. Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system operations
Participate as a member of a security engineering team that designs, develops, implements, evaluates and/or integrates security architectures, systems or system components
Support and interact with customers in the enforcement of the design of security throughout the system life cycle.
Apply knowledge of IA policies and procedures disseminated by the customers organization.
Track software delivery cycles for required updates and patching.
Provide weekly security status emails
Develop quarterly security status briefing charts and brief them at Program Management Reviews
Duties and Responsibilities:
Track outstanding security findings and determine solutions
Develop tasks/milestones to workoff POA&Ms and track them
Coordinate A&A activities between program and external entities
Generate program documentation to capture security status
You’ll Bring These Qualifications:
An active TS/SCI clearance with polygraph is required
Must have a current certification compliant with DoD 8570 IAM or IAT level 3 OR obtain certification within 6 months of hire and maintain certification throughout employment (e.g. CISSP)
Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or equivalent and five (5) years of directly related experience.
Knowledge of ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria/procedures.
Experience with implementing NIST 800-53 controls/ICD 503.
Knowledge of the NRO environment and the ability to navigate projects through the RMF process to achieve IATT & ATO.
Experience participating in Assessment and Authorization (A&A) process.
Experience preparing systems security documentation (e.g., security plans, risk assessment reports, Plan of Actions and Milestones (POA&Ms), etc.).
Experience with Continuous Monitoring, mitigating scan findings, maintaining Interconnections documentation.
Vulnerability assessment scanning experience (Security Center/NESSUS)
Experience working with engineers and system administrators to correct scan findings / system vulnerabilities.
Experience with creation/use of Security Center Dashboards and reports.
Excellent communication and interpersonal skills required.
Must be able to efficiently manage time management and workload
Ability to support a flexible schedule and work in a dynamic, real-time environment with rapidly changing priorities required.
Desired Certifications:
Proficient in the use of Microsoft Application tools (i.e., Excel and Powerpoint).
Experience with developing test plans for information systems.
Demonstrated experience with Linux (Red Hat, CentOS)
Experience with DevOps
Familiarity with code quality and code analyzing security tools
Experience with Amazon Web Services (AWS): Should have current or ability to obtain an Amazon Cloud certification, such as AWS Certified Solutions Architect – Associate or AWS Certified Security Specialty
Audit log review: ability to query and perform analysis in Splunk.
Experience within the Intelligence Community
What We Can Offer You:
- We’ve been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
- For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview:
CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.
Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn morehere
The proposed salary range for this position is:
$98,500 - 206,800 USDFull Time
IT Outsourcing & Consulting
$94k-112k (estimate)
10/20/2023
07/01/2024
caci.com
ARLINGTON, VA
15,000 - 50,000
1962
Private
JOHN S MENGUCCI
$5B - $10B
IT Outsourcing & Consulting
The job skills required for Information Systems Security Engineer (ISSE) include Information Security, Analysis, Computer Science, Security Controls, Security Systems, Linux, etc. Having related job skills and expertise will give you an advantage when applying to be an Information Systems Security Engineer (ISSE). That makes you unique and can impact how much salary you can get paid. Below are job openings related to skills required by Information Systems Security Engineer (ISSE). Select any job title you are interested in and start to search job requirements.
The following is the career advancement route for Information Systems Security Engineer (ISSE) positions, which can be used as a reference in future career path planning. As an Information Systems Security Engineer (ISSE), it can be promoted into senior positions as an Information Security Analyst IV that are expected to handle more key tasks, people in this role will get a higher salary paid than an ordinary Information Systems Security Engineer (ISSE). You can explore the career advancement for an Information Systems Security Engineer (ISSE) below and select your interested title to get hiring information.