CACI International Security Vulnerability Engineer in Chantilly, Virginia

Job Description

What You’ll Get to Do:

Are you looking for a role that will have an impact on protecting our Homeland Security? Do you thrive in assisting large organizations to apply the Risk Management Framework? And are you a leader who always rises to the occasion? If yes, please keep reading!

As a Security Vulnerability Engineer, you will be responsible for working directly with Security Architects and other Design/Integration Engineers to ensure the Security and Privacy of innovative cybersecurity solutions, while working in a dynamic environment on the latest security technologies.

More About the Role:

The Security Vulnerability Engineer will be responsible for the following:

  • Respond to National Cybersecurity Assessments and Technical Services team (NCATS), DHS, and DHS Component vulnerability findings, developing remediation steps to mitigate findings

  • Develop change control documentation, following Component-specific change control processes and procedures

  • Document and test configuration changes in a virtual test environment

  • Execute required configuration changes in DHS and Component-specific environments, performing knowledge transfer to Operations teams

  • Responsible for executing or enabling the Security Test and Evaluation (ST&E) of CDM solutions as they’re being developed utilizing manual methods such as checklists and benchmarks and automated methods such as penetration testing, web assessment, and vulnerability scanning tools (e.g. Metasploit, WebInspect, Tenable Nessus, etc.)

  • Responsible for executing or enabling the Security Test and Evaluation (ST&E) of CDM solutions while de-conflicting with CDM Dashboard Integration Testing and ongoing Developmental and Operational Test and Evaluation (DT&E/OT&E)

  • Responsible for executing or enabling the ongoing assessment and ongoing authorization of the CDM solution as it’s being developed utilizing Risk Management Framework (RMF) and automated Security Assessment and Authorization tools.

  • Familiar with Risk Management Framework policy and application across the CDM program.

  • Implements NIST Security Controls and Control Implementation methodologies to the SA&A process

  • Briefs senior level internal and external customers on technical adherence to security controls as part of the RMF program

  • Understand and support Privacy Compliance Activities to include technical adherence to NIST SP 800-53 Rev 4 or later Privacy controls

  • Assists Vulnerability Assessment and Authorization Security Specialists with information assurance (IA) processes for new projects including the development of security authorization packages and the tracking of progress for all Security Control implementations and Plans of Action and Milestones (POA&M)

  • Responsible for adherence to the Risk Management Plan

  • Responsible for implementing and applying technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.

  • Assists Vulnerability Assessment and Authorization Security Specialists with the assessment and authorization of network devices as well as ensuring the robustness of information security incident, damage and threat assessment programs.

  • May provide intrusion support to high technology investigations in the form of network assessments.

  • Researches tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and network and device security and encryption.

  • Performs duties in support of in-house and external customers.

  • Assesses integrated system solutions ensuring proprietary / confidential data and systems are protected in accordance with mandated standards.

  • Participates with the client in the strategic process to translate security and business requirements into authorization packages.

  • Validates secure systems and may test security products/systems to detect computer and information security weakness.

  • Assists in the generation of security architecture documentation.

  • Provides critical written and verbal analyses of previously generated security architecture documentation as a part of vulnerability and risk assessments.

  • Assists Vulnerability Assessment and Authorization Security Specialists with the design and implementation of plans of action and milestones (POA&M) to remediate findings from vulnerability and risk assessments.

  • Provides information assurance for digital information, ensuring its confidentiality, integrity, and availability.

  • Coordinate closely with the Quality Assurance Specialist in identifying and mitigating risk to meet established quality standards

You’ll Bring These Qualifications:

  • Must be a “hands-on” engineer with a well-developed understanding of Security Hardening guides, Vulnerability Assessment tools and methods, Security Content and Automation Protocol (SCAP), etc.

  • Well-developed understanding of Defensive (and Offensive) Cybersecurity technologies, e.g. Next Generation Firewall (NGFW), Intrusion Prevention System (IPS), Content Filtering devices and proxies (Web and Email), Data Loss Prevention (DLP), Security Intrusion and Event Monitoring (SIEM), etc.

  • Strong understanding of NIST RMF implementation guidance.

  • In-depth understanding of the relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process

  • Well-developed understanding of Federal Civilian or DHS Security Assessment and Authorization (SA&A) processes

  • Can demonstrate understanding of critical documentation required in Security Authorization (SA) Packages

  • Ability to understand and support Privacy Compliance Activities

These Qualifications Would be Nice to Have:

  • Strong Systems and Network Engineering background, e.g. Microsoft Active Directory, Cisco/Palo Alto/Juniper networks, etc.

  • Strong virtualization background, e.g. VMware, oVirt, VirtualBox, etc.

  • Splunk, Microsoft, Palo Alto, Cisco, VMware certifications a plus!

  • Certified Information Systems Auditor (CISA) or Certified Authorization Professional (CAP)

  • Well-developed understanding of Systems Development Lifecycle (SDLC) and ideally the DHS Systems Engineering Lifecycle (SELC) as it relates to Security Assessment and Authorization (SA&A)

  • Relevant DHS or .gov Cyber Security focused experience

  • Typically has a University Degree (BA/BS) or equivalent experience and minimum 10 years related work experience.

  • Ability to obtain Security Clearance / Able to obtain a DHS Entrance on Duty (EOD)

What We Can Offer You:

  • We’ve been named a Best Place to Work by the Washington Post.

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

  • We offer competitive benefits and learning and development opportunities.

  • We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.

  • For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.


CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.