CACI International Cyber Security Engineer in Norfolk, Virginia
CACI is seeking a senior-level Information System Security Engineer (ISSE) to join our project team at Naval Station Norfolk. You will work as an integral part of a highly productive team of seasoned technical professionals who thrive on supporting our customer's mission and objectives. You will have a key role supporting the RMF assessment process for all of the customer’s current in service product releases. The selected candidate for this team will be recognized as a technical authority and SME on information security Risk Management Framework (RMF) for DODIT, and NIST RMF accreditation testing and evaluation.
What You Get to Do: You will apply your advanced/expert knowledge, experience and expertise in the Information Assurance disciplines of Cybersecurity Testing, Evaluation, Validation and Verification of traditional and non-traditional information systems. As a significant member of this team, you will be a position of influence and leadership, working independently on Navy engineering efforts and meeting strict standards, You’re confidant and comfortable enough to have your work products periodically checked by other stakeholders to ensure accuracy and validity. Additional duties may include:
Execute DoN RMF processes including the completion of RMF process steps in eMASS, the development of RMF artifacts (Security Plan, System Level Continuous Monitoring Plan, Risk Assessment Report, etc.), and the implementation of Security Controls in coordination with development project teams.
Design and development of plans, processes, and procedures for Navy information systems leading to authorization and Approval to Operate (ATO) of complex systems IAW Federal and DOD cybersecurity requirements.
Provide leadership in, and execution of, security test and evaluation methods, practices, and techniques associated with the assessment of Navy information systems.
Provide expert evaluation, assessment, and recommendations for project/program policy in support of system design, acquisition, development, deployment and operations in diverse security environments IAW National and DOD requirements.
Must be US Citizen.
Bachelor’s degree from a U. S. Department of Education accredited college or university with 7 + year’s minimum relevant experience
Possess active SECRET Clearance or higher.
Possess current DoD 8570 IAT Level 2 certification or higher (ex. CompTIA Security+, CASP, CISSP).
Have an advanced/expert knowledge of DoD Information Assurance and Cybersecurity policies, procedures and practices including the RMF and NIST SP 800-53.
Advanced/expert knowledge of Cybersecurity, Information Technology, Network Architecture, and/or related concepts.
Advanced/expert knowledge of administrating traditional and non-traditional network systems, components, and other Information Technology associated with military applications.
Advanced/expert knowledge of computers, networks, deployment environments (e.g., data center, cloud, etc.), systems and application security threats and vulnerabilities.
Advanced/expert knowledge of and skill in using DoD tools and capabilities for vulnerability assessments and compliance reporting (eMASS, ACAS, STIGs, SRGs, SCAP, XCCDF, etc.).
Experience implementing mitigation strategies and methods to resolve problems, and to lead re-testing and re-evaluation of affected systems.
Experience using analytical and critical thinking while conducting audits and assessments of complex technical systems.
Demonstrated skill and ability in planning, testing, evaluation of moderately complex operating systems (Windows and Linux), and networking hardware. Scope includes the demonstrated ability to implement the appropriate level of test rigor to verify/validate compliance of moderately complex systems
Ability to develop RMF artifacts, plan security assessment execution events, and report to cross-functional teams, IPT Leadership, Program Office personnel, and external Stakeholders.
Ability to advise team, project, and program leaders on applicable DOD/DON Security policy and guidelines for complex systems.
Ability to summarize and report vulnerabilities and weaknesses verbally and in writing to the appropriate level of leadership
Ability to advise, consult, and interact with technical team leaders and peers, as a team leader/SME.
Ability to lead a team of analysts and engineers to think logically and dynamically, while leading system security control assessments for certification, authorization, approval, risk analysis, reporting and continuous monitoring.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.