CACI International Information Assurance Engineer in Lackland Air Force Base, Texas
Information Assurance Engineer
Job Category: Security
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular
Percentage of Travel Required: Up to 25%
Type of Travel: Outside Continental US
CACI is seeking an Information Assurance Engineer to support the F3I-2 Air Force program at Lackland AFB, TX. The Cyber Security employee will be based in San Antonio, TX at 35th IS, Lackland AFB, TX. The desired candidate will have experience assessing risk in networks (performing audit, test, assessment, or similar functions); identifying unpatched vulnerabilities, misconfigurations, and defects in other security controls specified in NIST SP 800-53A; implementing the functions identified in the Air Force Cybersecurity Program and the NIST Risk Management Framework (NIST SP 800-37) to identify and communicate system and program risk to decision makers. Additionally, the desired candidate will have experience in preparing, processing, assessing, validating and maintaining RMF assessment and accreditation (A&A) packages using Xacta; and the understanding of auditing information systems and networks utilizing cyber tools such as Splunk, Host-Based Security System (HBSS), ZENMAP, SCAP Compliance Checker (SCC) and Assured Compliance Assessment Solution (ACAS).
What You’ll Get to Do:
Support the cyber security mission of 35th IS information systems (IS) and networks.
Evaluate cybersecurity compliance of all 35 IS systems against current NIST and DoD Cybersecurity policies as outlined in AFI 17-101, ICD 503, NIST SP 800-37 and 800-53.
Analyze and advise on the risk and remediation of security issues based on reports from security assessments, vulnerability assessment scanners, patch management tools, and emerging threat information.
Act as the Information System Security Officer (ISSO) in managing the A&A packages throughout the system lifecycle, by conducting all periodic reviews, tracking remediation efforts through the Plan of Actions and Milestones (POA&M), and uploading and managing Body of Evidence (BoE) documents, scans, and other artifacts in Xacta.
Assist fellow ISSOs in applying for Certificate-to-Field (CtF) for software.
Assist other ISSOs in managing the ports, protocols, and services management (PPSM) registrations by performing scans and risk assessments using available tools.
Support the integration and testing of system level security requirements which may include researching, verifying and documenting cybersecurity controls in order for the systems to be accredited.
Perform system security scans and vulnerability scans using ACAS, and maintain records of such scans, as required by A&A guidelines.
Provide routine system-level monitoring, audit reviews, and compliance reporting utilizing Splunk and ACAS for the identification of security relevant external or internal impacts, threats, and policy violations.
Develop and maintain A&A documentation including Standard Operating Procedures (SOP), Security Control Concept of Operations (SCCONOPS), Continuous Monitoring Strategy, Disaster Recovery Plan (DRP), Incident Response Plan (IRP), Configuration Management Plan (CMP), Auditing policies, account management policies, test plans and other documents to support certification of compliance to applicable standards.
Participate in the change management process, including conducting security impact analyses, making recommendations based on relevant security and privacy trends and technology.
You’ll Bring These Qualifications:
Active TS/SCI security clearance.
Bachelor’s degree (in IS Technology, Computer Science or related field) or 4-7 years equivalent experience.
DOD Directive 8570 IAT II certification (Security+ or equivalent).
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer – Females/Minorities/Protected Veterans/Individuals with Disabilities.
As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. As such, any offers of employment may be contingent upon COVID-19 vaccination or an approved accommodation. All new hires are required to report their vaccination status.