CACI International Information System Security Office, Compliance in International, Germany
Information System Security Office, Compliance
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular-Long Term Assignment
Percentage of Travel Required: Up to 10%
Type of Travel: Local
Are you interested in continuing your career in Europe in a mission focused environment? CACI has established and upcoming positions throughout the European theater supporting multiple customers for the Department of Defense. We are looking for experienced, innovative and motivated IT Specialists to support enablement of US EUCOM objectives.
What You’ll Get to Do:
CACI has an excellent opportunity for an experienced, self-directed, Cybersecurity Compliance, Project, and Engineering key contributor . This position is in support of a Department of Defense (DoD) organization, US EUCOM located OCONUS in Stuttgart, Germany. This position is required to stay OCONUS.
More About the Role:
The successful candidate must be able to communicate clearly and succinctly both written and orally, and present products and ideas in a business-like manner. The candidate will be required to work in dynamic fast paced environments that require team interaction and coordination of efforts. The candidate must be experienced in interfacing with both client managers and system users.
Conducts cybersecurity program/system security status assessments and supports the development of Cybersecurity program(s) including the development of policies and procedures in accordance with DoDI 8500.01 Risk Management Framework.
Develop and Manage RMF for on-premises and cloud environments in the eMASS tool to achieve Authorizing Official's (AO) Authorization Decision Document (ADD) utilizing the RMF Package Approval Chain (PAC) process
Serves as an ISSO supporting IL2/IL5/IL6 cloud environments for Infrastructure as Code (IaC), Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and enterprise Software as a Service (SaaS)
Tracks organizational cybersecurity compliance, ensures necessary remediation needs are communicated, tracks remediation through completion and ensures necessary cybersecurity documentation is accurate and in order.
Responsible for conducting a comprehensive assessment of the management, operational, and technical security controls employed within or inherited by information systems to determine the overall effectiveness of the controls.
Prepares for, assists with, and monitors cyber assessments (staff assistance visits [SAV], Command Cyber Readiness Inspections [CCRI], NSA Red and Blue Team assessments, vulnerability scans, assessment and authorization [A&A] reviews).
Develops technical standards (SOP\TTPs, technical implementation instructions, or other required documentation) for security focused processes, security operations and other operations as required for Government approval.
Works closely with defensive cybersecurity operation (DCO) teams to identify, monitor and respond to cyber events\incidents from discovery to closure as a part of the local incident response policies.
Interacts with customers, IT staff, and high-level military officials to assist in defining and achieving required cybersecurity objectives for the organization.
Conduct Risk Assessments, determine the risk to operations, and provide risk recommendations to the customer after reviewing a system’s overall risk posture as part of the Security Authorization (Authority to Operate\Connect) process.
Through basic understanding of network security fundamentals, LAN\WAN switching technologies, routing technologies, infrastructure security technologies and services, reviews network architecture diagrams for cybersecurity compliance.
Responsible for assessing and authorizing the use of software and hardware across multiple enterprise networks.
Must have experience implementing with the following policies:
DODI 8510.01 Risk Management Framework (RMF) for DoD Information Technology
FEDRAMP certification process and DISA Cloud Access Point process
CJCSI 6510.01F Assurance (IA) and Computer Network Defense (CND)
CNSSI 1253 Security Categorization and Control Selection for National Security Systems
CJCSM 6510.01B Cyber Incident Handling Program
DODD 8140.01 Cyberspace Workforce Management
CJCSI 6211.02D Defense Information Systems Network (DISN): Policy and Responsibilities
JFHQ-DODIN TASKORDS, OPORDS, WARNORDS and GENADMINS
You’ll Bring These Qualifications:
Team building attitude, continuous learning record, and process improvement mindset
Currently hold an adjudicated Secret Clearance and qualify for a TS/SCI clearance
BA/BS + 8 years recent specialized or AA/AS +10 years recent specialized or a major cert + 12 years recent specialized or 14 years of recent specialized experience
DoD 8570 IAM III and IAT II Baseline Certification
Knowledge of DoD IT RMF, USCYBERCOM, and JFHQ-DoDIN
Advanced Proficiency in Microsoft Office Suite products (Word, Excel, PowerPoint)
Adaptable to changing circumstances and operational needs
These Qualifications Would be Nice to Have:
Microsoft Azure Certification (Server Administration)
Experience in DevOps methodologies and automation
Cisco Certified Network / CyberOps Associate
RedHat Certification Associate
Proficiency with Microsoft SCCM and/or other automatic reporting tools
Experience with Splunk
Understanding of Department of Defense Military standards
Experience with DoD IT security requirements
Experience managing asset accuracy to Critical Success Factors (CSF)
DoD 8570.01 Certification Compliance (CISSP, ISSEP, CISM)
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.