CACI International Cyber Security Specialist (RMF) in Fort Belvoir, Virginia
Cyber Security Specialist (RMF)
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Local
CACI is looking for a Cyber Security Specialist with relevant Program Protection experience to provide Cyber Security and Program Protection support in an Army Product Management office. Function as an expert in all aspects of Information Security processes and implement all elements of Program Protection supporting electronic tactical systems. Travel may be required. Remote telework may be considered; however, the position will require some amount of routine onsite presence at Ft. Belvoir, VA.
What You'll Get to Do:
Create and manage all cybersecurity documentation.
Initiate and develop System Security Plans using Enterprise Mission Assurance Support System (eMASS).
Initiate and maintain Risk Management Framework (RMF) for all client systems and manage the process through assessment and authorization.
Maintain Army Portfolio Management System (APMS) records for all client IT systems.
Provide guidance concerning all aspects of IT governance and cybersecurity, e.g. design and risk evaluation, throughout the entire IT Lifecycle from pre-conception to decommissioning and provide essential information to decision makers.
Maintain governance of the Department of Defense (DOD) Operation of the IT Life Cycle and RMF.
Coordinate the technical aspects of cyber security into the entire life-cycle from idea, to conception, test, interoperability, training, fielding, authorization, maintenance and decommissioning.
Review all RMF documentation to ensure accuracy, completeness, and compliance with standards.
Support the Program Office in maintaining DOD Inspector General (IG) Command Cyber Readiness Inspection (CCRI), Clinger-Cohen Act, Privacy, and Federal Information Security Modernization Act (FISMA) and any other compliance reporting.
Manage security systems and analyze potential threats and vulnerabilities to client systems.
Provide expert level security analysis services for product, system, and network architecture designs.
Analyze Assured Compliance Assessment Solution (ACAS) scan results and report, develop and document mitigations and remediation for open findings.
Conduct Annual FISMA Reporting Requirements for all IT systems.
Develop and maintain plan of actions and milestones for all client systems.
Process and obtain Authority to Operate (ATO) certifications for tactical systems.
Develop and maintain all Assess and Authorize artifacts for multiple systems and facilitate the processing of Authority to Operate documentation.
Define and resolve 'information ownership' issues and identify levels of access to the systems user population.
Advise management on the steps to take to investigate and resolve computer security incidents.
Propose and conduct research of new security technologies.
Effectively prioritize multiple high-visibility projects and coordinate resources.
Develop, implement, and maintain Program Protection Plans for electronic tactical ground systems.
Ensure Information Systems Security policies, procedures, and practices as well as other systems user groups are adhered to.
Execute all Program Protection Plan processes supporting electronic tactical ground systems.
Develop and maintain Security Classification Guides, Delegation of Disclosure Authority Letters, Program Protection Plans, System Security Plans, and Technology Assessment and Control Plans.
Provide outreach, guidance and support to project teams, IT developers and suppliers in the evaluation of tactical security architectures to assess the protection, detection, reaction and restoration capabilities of devices, systems and networks in protection of these assets.
Ensure cybersecurity requirements are understood, included in contracts, considered in the supply chain, and built into products and services bought, developed, tested, fielded and maintained in a manner that meets the intended use of the product or service and meets US, DoD and Army regulatory requirements.
Communicate complex technical requirements to non-technical personnel, and prepare briefings to senior officials on complex issues.
Perform cybersecurity analysis of tactical systems; research, test, and evaluate the cybersecurity posture of IT devices, systems and network architectures. Report on all IT-related artifacts, design, test, fielding, operations, or upgrade requests to ensure accuracy and completeness and support that risk acceptance standards are met per Army Acquisition and DoD Risk Management Framework (RMF) policies, and National Institute of Standards and Technology (NIST) and Committee on National Security Systems (CNSS) standards and guidance with purpose to earn and sustain the Authorization to Operate (ATO) of applicable IT devices and systems in the DoD environment.
Determine the cyber security survivability posture of system software design and implementation in the framework of Risk Management throughout the materiel’s life cycle. Plan, direct, coordinate, and assess all concepts, equipment, and systems produced to ensure the cyber security posture meets Army requirements and the needs of the Warfighter. Coordinate tactical Cybersecurity architecture and integration for testing events to include Network Integration Evaluations (NIE), Army Integration Certification (AIC), Developmental Test & Evaluation (DOT&E), and Initial Operational Test & Evaluation (IOT&E). Performs tactical cyber security test and evaluation planning using threat penetration teams, cyber security vulnerability analysis, computer hardware, systems software, and computer system architecture and integration to include the evaluation of tactical network integration and satellite communications. Analyzes and assesses IT devices and systems security controls for threat, vulnerabilities and incidents related to PdM GSS IT networks, devices and systems that may impact Army assets (Soldier, information, reputation and information). Performs periodic reviews to determine the security posture of all PdM GSS acquisition systems and tactical networks to ensure compliance with all NIST, CNSS, DoD, and Army policies. Works with program managers to determine when new or updated authorizations are required.
Develop and maintain the organizational tactical security architecture plan. Establish the security framework for information processing and connection to Army networks. Address security plans for future systems. Provide recommendations in support of cybersecurity for Assessment and Authorization (A&A) or Assess-Only implementation of the Risk Management Framework (RMF) process for tactical systems and networks. Represent cybersecurity at integrated product team (IPT) and other meetings to interpret policies and requirements, resolve technical issues, establish criteria, and formulate approaches in support of projects, processes, and objectives.
You'll Bring These Qualifications:
Must have RMF, Cyber ITA+ and eMASS training.
Must have a current DoD 8140.01 approved IAT or IAM Level II or Level III Baseline Certification.
Typically requires a bachelor's degree or equivalent and 7 years of related experience.
Must have experience supporting Cyber Security requirements for electronic tactical systems.
Must have experience processing and managing the following: Authority to Operate (ATO) and Interim Authority to Operate (IATO), Annual Security Reviews, Incident Response and Contingency Plan Testing, Army Interoperability Certification Waiver, Certificate of Networthiness, Counter Intelligence Support Plan (CISP), Cybersecurity Strategy.
Must have intermediate level Program Protection experience including development and management of the following processes and documentation: Delegation of Disclosure Authority Letter, Program Protection Plans, Security Classification Guide, System Security Plan, Technology Assessment and Control Plan.
Must have experience as a contractor supporting Army officers (MAJ; LTC; COL) and collaborating with systems engineers, acquisition specialists, cost analysts, logisticians, and trainers.
Active Secret security clearance or above.
These Qualifications are Nice to Have:
Desire prior experience supporting electronic sensor systems and similar technical products.
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer – Females/Minorities/Protected Veterans/Individuals with Disabilities.
As required by Executive Order 14042, Federal contractor employees are required to be fully vaccinated against COVID-19 by December 8, 2021 regardless of the employee’s duty location or work arrangement (e.g., telework, remote work, etc.), subject to such exceptions as required by law. If selected, you will be required to be vaccinated against COVID-19 and submit documentation of proof of vaccination before starting employment with CACI.