CACI International Senior Information Systems Security Officer (ISSO) in Philadelphia, Pennsylvania
Senior Information Systems Security Officer (ISSO)
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: None
Employee Type: Regular
Percentage of Travel Required: None
Type of Travel: None
CACI is seeking an Information Systems Security Officer (ISSO) Sr to join our team on a contract supporting the Department of Homeland Security. in Philadelphia, PA.
The Information Systems Security Officer (ISSO) shall provide support to the designated Information System Security Officers (ISSO) to ensure customer systems maintain their Authority to Operate (ATO) with a security posture in accordance with DHS 4300A and NIST SP guidance.
This support shall include providing IT security assessment and IT security audit functions to ensure FISMA compliance, support in developing and maintaining documentation in support of Certification & Accreditation (C&A) as required by the Federal Information Security Management Act (FISMA); ensuring all C&A and system security documentation is kept up to date; and ensuring systems meet all security requirements mandated by DHS 4300A and DHS Management Directives.
About the Role:
Serve as the Information Systems Security Officer. Responsibilities include:
Prepare all reports and required deliverables, attend client and staff meetings
Train more junior members of the staff in new technologies, current tools (CSAM) and FISMA, DHS 4300, NIST 800 and FIPS requirements
Follow the Information Systems Security Officer (ISSO) Guide, V10, when developing, updating, or reviewing required security artifacts in the Cyber Security Assessment and Management (CSAM) Tool.
Ensure proper access controls are implemented for both system access and physical access to data processing facilities
Create, update, and assess compliance of system Authority to Operate (ATO) packages
Provide information security expertise to system development teams throughout the System Engineering Lifecycle process
Ensure Plan of Action & Milestone (POA&M) reports are maintained and that security vulnerabilities are tracked and remediated
Implement and apply technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
Maintain network device and information security incident, damage and threat assessment programs
Investigate network device and information security incidents to determine extent of compromise to national security information and automated information systems
Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and network and device security and encryption
Design, develop, or recommend integrated system solutions ensuring proprietary/confidential data and systems are protected in accordance with mandated standards
Configure and validate secure systems, tests security products/systems to detect computer and information security weakness
Generate security architecture documentation and provide critical written and verbal analyses of previously generated security architecture documentation and vulnerability and risk assessments
Design and implement plans of action and milestones to remediate findings from vulnerability and risk assessments
Provide information assurance for digital information, ensuring its confidentiality, integrity, and availability
Grant of authorization to operate IT systems at acceptable levels of risk, monitoring and testing of IT systems for vulnerabilities and indicia of compromise, incident response and remediation, the development of appropriate policy, relevant user security awareness and training, and compliance with applicable government and other external standards
Ability to obtain DOD security clearance
DHS EOD suitability or Current DHS EOD preferred
BS/BA + 8 years of applicable experience
Minimum previous experience as Splunk Core Certified User or Splunk Core Certified Power User
At least five years of experience working with FISMA
Demonstrated expertise in SELC, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security
Knowledge of information security best practices, Enterprise Architecture, DHS experience
Experience with Xacta IA manager
CAP – Certified Authorization Professional
Previous DHS or DoD experience
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer – Females/Minorities/Protected Veterans/Individuals with Disabilities.
As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.