CACI International Jobs

Job Information

CACI International Senior Information System Security Engineer (Up to 25% Profit Sharing Benefit!) in Denver, Colorado

Job Description

BITS, a CACI Company, offers very rewarding and unique benefits, which equates to 50% of compensation on TOP of your base salary! The first part is a tax-qualified profit-sharing retirement plan, to which BITS annually contributes up to 25% of your base salary (not in excess of applicable IRS limits) to your retirement account. The second component consists of BITS' Individual Benefit Account (IBA), which is used for premiums, medical reimbursements, dependent care, education and Paid Time Off (PTO) policy. Both components of the BITS benefit package are paid for by BITS, in addition to your base salary and potential performance bonuses. We believe in a healthy home/work balance and both of our locations offer a wide variety of activities to balance with your work life. Learn more at

CACI is looking for an Information Systems Security Engineer to join our Army CReATE team and provide Information Assurance support for various information systems throughout the system development lifecycle. Our ISSE must be comfortable with providing customer and program teams with input as to how to meet various security requirements.

What You’ll Get to Do:

  • Navigating projects through the RMF process to achieve IATT and ATO

  • Writing NIST 800-53 responses to security controls, including inherited, shared, or systems level controls

  • Complete DISA Security Technical Implementation Guide (STIG) reviews of custom applications

  • Providing technical guidance regarding the system’s Assessment and Authorization (A&A) process

  • Identify security shortcomings and implement creative solutions to these vulnerabilities

  • Participating in security testing and assessments

  • Recommend system-level solutions to resolve security requirements

  • Prepare, Present, and Maintain all security related documentation for system including, but not limited to, system security plan, body of evidence, Plan of Action and Milestones (POAM), and Certification and Accreditation (C&A) documentation leveraging online record keeping systems Identifying missing, inaccurate, or duplicate data

  • Establishing and maintaining strong relationships with the organization’s Information Systems Security Managers (ISSM) and seeking guidance for approval, as needed

  • Working with the team to mitigate the risk elements (POAMs) identified during assessment and seeking validation from enterprise security depending on level of risk element

  • Facilitating and attending Technical Exchange Meetings (TEMs) with engineers and other partners to gather requirements for project registration and control implementation

  • Supporting weekly and ad hoc reporting requirements

  • Preparing and presenting briefing material

You’ll Bring These Qualifications:

  • Typically requires bachelor's degree or equivalent and 7 plus years of directly related experience

  • Minimum of 7 years ISSE /System Engineering experience, or directly related.

  • Experience with implementing NIST 800-53 controls/ICD 503

  • Knowledge of the NRO environment and the Xacta 360 tool to navigate projects through the RMF process to achieve IATT & ATO

  • Experience participating in Assessment and Authorization (A&A) process to include designing, implementing, testing, and work off plans for security controls

  • Experience preparing systems security documentation (e.g., security plans, risk assessment reports, Plan of Actions and Milestones (POA&Ms), etc.)

  • Experience with Continuous Monitoring, mitigating scan findings, maintaining network cut sheets/PPS sheets

  • Experience with system integration and hardening in the cloud environment

  • Experience working with engineers and system administrators to correct scan findings / system vulnerabilities

  • Experience with applications hosted by DISA

  • DFARS compliance experience

  • Must have a current and active TS/SCI with CI Polygraph to begin employment

  • Must have current Security+ Certification or another DoD 8570 Complaint IA Certification, or ability to obtain immediately upon hiring

  • Vulnerability assessment scanning experience (Security Center/NESSUS)

These Qualifications Would be Nice to Have:

  • Information Systems Security Officer (ISSO) knowledge and/or experience

  • Experience with developing test plans for information systems

  • Demonstrated experience with Linux (Red Hat)

  • Experience with DevSecOps

  • Familiarity with code quality and code analyzing security tools

  • Experience with Amazon Web Services (AWS): Should have current or ability to obtain an Amazon Cloud certification, such as AWS Certified Solutions Architect – Associate or AWS Certified Security Specialty

  • Audit log review: ability to query and perform analysis in Netwitness, Splunk, etc

What We Can Offer You:

  • We’ve been named a Best Place to Work by the Washington Post

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives

  • We offer competitive benefits and learning and development opportunities

  • We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities

  • For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.

Job Location


CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.