CACI International Information Assurance Specialist in Chantilly, Virginia
What You’ll Get to Do:
CACI is currently looking for outstanding IT candidates to join our TSA IT Management, Performance Analysis, and Collaborative Technologies (IMPACT) team in the National Capital Region (NCR) and throughout the United States. CACI will provide a variety of IT services through IMPACT including cyber security, identity and access management, risk management, cloud integration and engineering, field support services, service desk, application deployment and optimization, and operations center support services. CACI will support TSA in both classified and unclassified IT operational environments increasing availability and security for a variety of applications and systems. IMPACT services will integrate with the broader DHS mission and enhance existing Department-wide IT capabilities.
More About the Role:
Support the Risk Management and Compliance Lead by providing support to maintain ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions.
Provide support to CDM DHS Tools in fulfilling and reporting SLRs for TSA enterprise infrastructure
Staff Security Training - provide personnel security training progress report
Provide support for TSA in maintenance of an all-encompassing system security program to proactively manage TSA Infrastructure systems security risks, vulnerabilities, and compliance with security configurations, guidance, and policies.
Provide management and Ongoing Authorization (OA) Compliance Support to include Risk Management Framework (RMF) and FISMA compliance, Security Release management, Security Authorization and OA, and DHS policy Directives and Cyber Orders.
Support, coordinate, document, assess, and comply with all Cyber Security operations IAW operational plans, SOPs, and Work Instructions
Recommend improvements on the security risk posture through new SOPs, tools, or methods
Compliance POA&M analysis, management, compliance, and remediation
Monitor security advisories and security bulletins to ensure compliance with applicable security requirements
Ensure remediation of all applicable DHS ISVM Alerts and Bulletins for applicable TSA systems
Create remediation plans and make recommendations on approving security risk through new tools, SOP, or other methods
Support Security Release Management - Track and report software inventory for all infrastructure devices (patches and firmware)
Monitor Security advisories and security bulletins
Provide DHS with tailored documentation to support their security authorization
Support Security Test and Evaluation/Security Assessment activities
Support DHS’ system accreditation and Ongoing Assessment and Ongoing Authorization processes and activities to ensure the implementation of NIST SP 800-53 security controls
Support all Information Assurance activities, responsible for enabling the ongoing assessment and ongoing authorization of TSA infrastructure utilizing Risk Management Framework (RMF) and automated Security Assessment and Authorization tools.
Utilize NIST Security Controls and Control Implementation methodologies to the SA&A process
Prepare System Security Plan, Security Assessment Report (SAR), and Plans of Action and Milestones
In depth knowledge of FIPS 199 Security Categorizations
Develop and maintain security documentation
Responsible for assessing and developing ongoing authorization packages for technical solutions that may require collaboration with internal expertise and deep analysis of the technical system.
Understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN)
Development of all Security Authorization artifacts and documentation and assembling of Authorization packages
Responsible for administration and adherence of the Risk Management Plan
Coordinate closely with other cyber security teams to provide coordinated compliance support.
You’ll Bring These Qualifications:
NIST Risk Management Framework and Security Control Implementation
Experience with IAVM processes and best practices
Experience with security compliance reporting for an enterprise
Experience with generating POA&Ms
Experience with FISMA compliance and the RMF Assessment and Authorization process
Ability to obtain a DOD Security Clearance
Ability to obtain a DHS Entrance on Duty (EOD)
BA/BS or equivalent experience and minimum 2 years related work experience
Flexible – The environment is highly dynamic. You will be expected to keep up with the changing environment while ensuring a high level of operational effectiveness
Team Player – This role is part of a much larger team
Excellent written and oral communication skills
Effective and efficient Time management of self and team duties
These Qualifications Would be Nice to Have:
- Relevant DHS focused experience
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.