CACI International Inc · 1 day ago
Cyber Security Engineer
Wonder how qualified you are to the job?
Software
Insider Connection @CACI International Inc
Responsibilities
Serve as the Information Systems Security Officer (ISSO) and Risk Management Framework (RMF) Subject Matter Expert (SME) for the DoD System Authorization and Accreditation process for PM MC products.
Review, assess, and manage systems’ security requirements and validation methods via Enterprise Mission Assurance Support Service (eMASS).
Provide cybersecurity systems engineering oversight on applications development projects to ensure the appropriate security configuration of the operating environment are enforced.
Review and assess systems’ security implementation via product-reported Assured Compliance Assessment Solution (ACAS) Vulnerability scans, Defense Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIGs) and Security Requirements Guides (SRGs), and source code vulnerability scans where applicable. Identify, communicate, and support resolution of deficiencies in security implementation reporting with product teams.
Manage Plan of Action and Milestone (POA&M) records with PM MC product teams.
Communicate DoD RMF system accreditation processes, documentation requirements, and security hardening reporting requirements to PM MC Product development teams during Integrated Product Team (IPT) and working group meetings.
Provide security considerations to inform systems/development engineering efforts to reduce errors, flaws, and weakness that may constitute security vulnerability leading to unacceptable asset loss and consequences.
Facilitate continuous monitoring activities with product network/system/development engineers.
Coordinate with Engineering and other Cybersecurity personnel to implement and enforce security policies and patch management processes.
Provide technical consultative/advisory services to the PM/Product Manager (PdM) to review proposed new systems, networks, and software designs for potential security risks.
Identify and/or assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats.
Support development of program cybersecurity policies and procedures to ensure information systems reliability and accessibility in accordance with Army/DISA requirements to prevent and defend against unauthorized access to systems, networks, and data; for short- and long-term mission and goals of the PM.
Collaborate responses for Army Cyber (ARCYBER) Cyber Tasking Order (CTO) compliance reporting and vulnerability remediation/mitigation requests for information (RFIs).
Participate in Configuration Management/Review Boards to provide Cybersecurity input.
Support system accreditation and Security Control Assessor – Validation events.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Active DOD Secret security clearance.
Bachelor’s Degree (Computer Science, Engineering or similar) and at least 3 years of experience OR an Associates Degree and at least 7 years of experience OR no degree and at least 9 years of experience.
Security + CE certification or higher.
Fluent in the use of eMASS.
Fluent in analyzing ACAS Vulnerability scans, DISA STIGs/SRGs, and processes related to residual risk identification.
Capability to communicate across cross-functional teams.
Familiarity with Systems Security Engineering (SSE) documentation (e.g. Cybersecurity Strategies, Information Support Plans, Program Protection Plans (PPPs).
Knowledge of, and skill in applying DoD RMF to conduct risk and vulnerability assessments of planned and installed information systems and identify vulnerabilities, risks, and protection needs.
Knowledge of AR 25-2 Army Cybersecurity and DoDI 8510.01 Risk Management Framework (RMF 2.0) for DOD Information Technology (IT).
Preferred
Experience with identifying applicable STIGs, integrating security controls, and validating their implementation on Linux OSs, Microsoft Windows & Windows Server, Microsoft Office, VMware, Cisco IOS, Windows and Palo Alto Firewall, Network, modem, containers, and Hyper-V products.
Fluent in conducting ACAS Vulnerability scans and DISA STIGs/SRGs.
Familiarity with Army Systems Acquisitions Process, milestone decision points, and related cybersecurity artifact requirements.
Benefits
Healthcare
Wellness
Financial
Retirement
Family Support
Continuing Education
Time Off
Company
CACI International Inc
At CACI International Inc (NYSE: CACI), our 23,000 talented and dynamic employees are ever vigilant in delivering distinctive expertise and differentiated technology to meet our customers’ greatest challenges in national security and government modernization.
Funding
Current Stage
Public CompanyTotal Funding
unknown2003-01-10IPO· nyse:CACI
Leadership Team
Recent News
2024-04-25
2024-04-13
Company data provided by crunchbase