Be an early applicantLess than 25 applicants

Company

Original Job Post

CACI International Inc · 1 day ago

Cyber Security Engineer

Aberdeen Proving Ground, MD

Full-time

Onsite

Mid Level

$90K/yr - $190K/yr

3+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

Software

Actively Hiring

Comp. & Benefits

Insider Connection @CACI International Inc

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Serve as the Information Systems Security Officer (ISSO) and Risk Management Framework (RMF) Subject Matter Expert (SME) for the DoD System Authorization and Accreditation process for PM MC products.

Review, assess, and manage systems’ security requirements and validation methods via Enterprise Mission Assurance Support Service (eMASS).

Provide cybersecurity systems engineering oversight on applications development projects to ensure the appropriate security configuration of the operating environment are enforced.

Review and assess systems’ security implementation via product-reported Assured Compliance Assessment Solution (ACAS) Vulnerability scans, Defense Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIGs) and Security Requirements Guides (SRGs), and source code vulnerability scans where applicable. Identify, communicate, and support resolution of deficiencies in security implementation reporting with product teams.

Manage Plan of Action and Milestone (POA&M) records with PM MC product teams.

Communicate DoD RMF system accreditation processes, documentation requirements, and security hardening reporting requirements to PM MC Product development teams during Integrated Product Team (IPT) and working group meetings.

Provide security considerations to inform systems/development engineering efforts to reduce errors, flaws, and weakness that may constitute security vulnerability leading to unacceptable asset loss and consequences.

Facilitate continuous monitoring activities with product network/system/development engineers.

Coordinate with Engineering and other Cybersecurity personnel to implement and enforce security policies and patch management processes.

Provide technical consultative/advisory services to the PM/Product Manager (PdM) to review proposed new systems, networks, and software designs for potential security risks.

Identify and/or assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats.

Support development of program cybersecurity policies and procedures to ensure information systems reliability and accessibility in accordance with Army/DISA requirements to prevent and defend against unauthorized access to systems, networks, and data; for short- and long-term mission and goals of the PM.

Collaborate responses for Army Cyber (ARCYBER) Cyber Tasking Order (CTO) compliance reporting and vulnerability remediation/mitigation requests for information (RFIs).

Participate in Configuration Management/Review Boards to provide Cybersecurity input.

Support system accreditation and Security Control Assessor – Validation events.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

DOD Secret security clearanceSecurity + CE certificationEMASSACAS Vulnerability scansDISA STIGs/SRGsResidual risk identificationSystems Security EngineeringCybersecurity StrategiesInformation Support PlansProgram Protection PlansDoD RMFVulnerability assessmentsAR 25-2 Army CybersecurityDoDI 8510.01 Risk Management FrameworkCommunicationTeamworkSTIGsSecurity ControlsLinux OSsMicrosoft WindowsMicrosoft OfficeVMwareCisco IOSPalo Alto FirewallModemContainersHyper-VArmy Systems Acquisitions ProcessCybersecurity Artifact RequirementsProblem-Solving

Required

Active DOD Secret security clearance.

Bachelor’s Degree (Computer Science, Engineering or similar) and at least 3 years of experience OR an Associates Degree and at least 7 years of experience OR no degree and at least 9 years of experience.

Security + CE certification or higher.

Fluent in the use of eMASS.

Fluent in analyzing ACAS Vulnerability scans, DISA STIGs/SRGs, and processes related to residual risk identification.

Capability to communicate across cross-functional teams.

Familiarity with Systems Security Engineering (SSE) documentation (e.g. Cybersecurity Strategies, Information Support Plans, Program Protection Plans (PPPs).

Knowledge of, and skill in applying DoD RMF to conduct risk and vulnerability assessments of planned and installed information systems and identify vulnerabilities, risks, and protection needs.

Knowledge of AR 25-2 Army Cybersecurity and DoDI 8510.01 Risk Management Framework (RMF 2.0) for DOD Information Technology (IT).

Preferred

Experience with identifying applicable STIGs, integrating security controls, and validating their implementation on Linux OSs, Microsoft Windows & Windows Server, Microsoft Office, VMware, Cisco IOS, Windows and Palo Alto Firewall, Network, modem, containers, and Hyper-V products.

Fluent in conducting ACAS Vulnerability scans and DISA STIGs/SRGs.

Familiarity with Army Systems Acquisitions Process, milestone decision points, and related cybersecurity artifact requirements.

Benefits

Healthcare

Wellness

Financial

Retirement

Family Support

Continuing Education

Time Off

Company

CACI International Inc

Glassdoor

4.0

At CACI International Inc (NYSE: CACI), our 23,000 talented and dynamic employees are ever vigilant in delivering distinctive expertise and differentiated technology to meet our customers’ greatest challenges in national security and government modernization.

Founded in 1962

Arlington, Virginia, USA

10,001+ employees