CACI International Information Systems Security Engineer - ISSE (25% Profit Sharing) in Las Cruces, New Mexico

Job Description

What You’ll Get to Do:

We are looking for a talented Information Security Specialist who is excited about the dynamic intelligence community space and is knowledgeable in information assurance and Assessment & Authorization (A&A) processes. This is your opportunity to work with talented engineering and development teams building novel solutions that fulfill intelligence community needs. Responsibilities for this position include:

  • Serve as information security engineer for an IC program, reviewing all software, hardware, and infrastructure changes on the contract.

  • Apply best practices and processes to capture, refine, and assist in the prioritization of requirements based on risk, engineering principles, and mission requirements.

  • Conduct security analysis of system security architectures, identify vulnerabilities, and provide suggested mitigation alternatives.

  • Participate in design, development, and implementation of information systems to ensure these systems are in compliance with required security features and safeguards.

  • Security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.

  • Coordinate with appropriate Security Control Assessors (SCAs) early in the engineering design phase for ongoing coordination, understanding in development and application of security controls, and security tradeoffs and other decisions.

  • Capture meeting minutes for all security-related meetings, milestones, and test events

  • Complete Categorize System step in Xacta to conduct SRTs

  • Onboard with Enterprise Security Services (ESS).

  • Evaluate scan results and work with system developers and system administrators to eliminate or mitigate findings.

  • Generate and maintain SRRs for all system assets

  • Complete implementation details for IASD Rev C Security Control List (SCL) across multiple security enclaves

  • Assume full responsibility for all Risk Management Framework (RMF) Assessment and Authorization (A&A) artifacts, to include: Certification Test Plans (CTPs), Privileged User Guides (PUGs), Configuration Management (CM) Plans, Contingency/Disaster Recovery Plans (DRP), Continuous Monitoring (ConMon) Plans, Security Drawing Packages, Equipment Application Lists, and Ports, Protocols, and Services (PPS).

  • Update and finalize Xacta records for all system assets.

  • Conduct DT&E, as necessary, with Security Control Assessors (SCAs) for all system assets.

  • Review POA&Ms provided by DAO/DAO reps for all system assets.

  • Perform Continuous Monitoring for all system assets.

  • Other tasks deemed necessary for continuous maintenance and improvement of the contract’s security posture.

You’ll Bring These Qualifications:

  • Demonstrated competency in engineering related functional or cross-functional security areas (e.g., security engineering, IT operations security design, cybersecurity).

  • Working knowledge of IA principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation.

  • Working knowledge of DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria/procedures.

  • Working knowledge of DoD/IC system security control requirements, roles, missions, and operational enterprise architecture.

  • Working knowledge of information security systems engineering principles and virtual machine technology.

  • Working knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).

  • Working knowledge of network access, identity, and access management (e.g., PKI).

  • Skill in discerning the protection needs (i.e., security controls) of information systems and networks.

  • Experience performing System Security for NRO programs (working a system through the RMF process).

  • Experience writing CTPs based on DISA STIGs.

  • Experience executing CTPs for witness testing.

  • Experience working with engineers and system administrators to correct scan findings / system vulnerabilities.

  • Strong communication and negotiation skills.

  • Strong planning and organizational skills.

  • Ability to work closely with system engineers and developers to complete all security-related artifacts and maintain security posture of all systems.

  • Typically requires a Bachelor’s degree and 7 plus years of directly related experience.

  • Active TS/SCI with CI Polygraph

Required Certifications:

  • Security+ or CISSP Certification is required

These Qualifications Would be Nice to Have:

  • Working knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization guidelines) relating to system design.

  • Skill in translating security requirements into functional requirements and options for developers.

  • Skill in security control inheritance from enterprise security services and communicating these to developers.

  • Skill in designing security controls based on IA principles and tenets.

  • Skill in identifying gaps in technical capabilities and in talking to others to convey information effectively

  • Bachelor’s degree in CS, EE, IS, or related

  • Experience using NESSUS / Security Center.

  • Previous System Administrator experience.

  • Experience working in the Government cloud environment.

  • Experience working on Agile development programs.

Additional BITS Information:

Not to mention BITS benefits are quite unique. Basically, BITS benefits equate to 50% of salary on TOP of your base salary. The first part is a tax-qualified profit sharing retirement plan to which BITS annually contributes up to 25% of your base salary (not in excess of applicable IRS limits) to your retirement account under the plan. The second part consists of BITS' Individual Benefit Account Plan (the IBA), which is used for premiums, medical reimbursements, dependent care, education and BITS' Paid Time Off (PTO) Policy. Both components of the BITS benefit package are paid for by BITS in addition to your base salary and potential performance bonuses. http://www.caci.com/bit-systems/benefits.shtml

We believe in a healthy home/work balance; both our locations offer a wide variety of activities to balance with your work life. Check us out at http://www.caci.com/bit-systems/

What We Can Offer You:

  • We’ve been named a Best Place to Work by the Washington Post.

  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

  • We offer competitive benefits and learning and development opportunities.

  • We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.

  • For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.

Job Location

US-Las Cruces-NM-LAS CRUCES

CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.