CACI International Information Security Manager in Austin, Texas
What You’ll Get to Do:
Manage CACI-NCS Information System Security Program; responsible for program compliance and implementation of ICD 503 for TS/SCI networks under government sponsorship. Directs implementation of ICD 503 certification test plans, vulnerability scans, and continuous monitoring task
More About this Role:
Responsible for providing information assurance for digital information, ensuring its confidentiality, integrity, and availability. Responsibilities include the granting of authorization to operate IT systems at acceptable levels of risk, monitoring and testing of IT systems for vulnerabilities and indicia of compromise, incident response and remediation, the development of appropriate policy, relevant user security awareness and training, and compliance with applicable government and other external standards.
Manage a portfolio of Information System Security programs potentially spanning SCI and SAP/SAR levels.
Prepare system security plans in accordance with the requirements of ICD 503 for Assessment and Authorization (A&A).
Knowledgeable of current ICD 503 controls, and determine which controls are applicable to the application, as well as document implementation in Security Controls Tractability Matrix (SCTM)
Support information system life cycle activities from rapidly establishing systems to support classified proposals.
Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis. Ensure system security measures comply with applicable government policies.
Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system.
Provide support to the Information System Owner for maintaining appropriate operation information assurance (IA) posture for programs.
Conduct reviews and technical inspections to identify and mitigate potential security weaknesses, and ensure that all security features applied to a system are implemented and functional
Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, SCTM)
Monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems
Attend Authorization Kick-Off meeting, working group meetings, and other meeting designated by Government
Serve as COMSEC Alternate, and support Security department as necessary
You’ll Bring These Qualifications:
TS/SCI with Full Scope Poly
Experience: Minimum 10 years of related work experience or equivalent
These Qualifications Would be Nice to Have:
Excellent verbal and written communication skills
Working knowledge of Xacta tool
Understanding of NIST Risk Management Framework
CISSP preferred (minimum Security+) Certification
What We can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.