Sign Up Sign Up Log In Sign Up
This job has expired and you can't apply for it anymore. Start a new search.

Information Systems Security Officer (ISSO)

Job Description


What You’ll Get to Do:

As a member of the program’s security team, and broadly supporting the program’s technical team, you get to actively participate to maintain the security posture of the operational assets.  You will assist in the Risk Management Framework (RMF) processes, using the customer’s workflow management system (Xacta).


More About the Role:

You will assist in developing program response to security controls assessments that are an integral part of the Assessments and Authorizations process. You will perform security related tasks such as A&A scanning, comprehensive assessment testing, penetration testing, documentation, reporting and analysis requirements.

  • Participate in the Change Management process, to identify security relevant changes and help coordinate approval of same with Government security team.
  • Work with the technical team to provide security perspective on technology improvement efforts, including but not limited to reviewing and submitting software for Government approval, assessing and addressing vulnerabilities, and the overall security posture of proposed systems.
  • Perform A&A scanning to identify security vulnerabilities, and recommend systems changes to mitigate identified vulnerabilities.
  • Maintain the A&A status of the systems, through the Government Xacta tool, implementing ICD 503 processes.
  • Assist in developing program response to Government security inquiries and tasking.

You’ll Bring These Qualifications:

  • TS/SCI clearance must be obtainable, active is preferable.
  • Must have a current certification compliant with DoD 8570 IAM or IAT level 3 OR obtain certification within 6 months of hire and maintain certification throughout employment.
  • University Degree (BA/BS) or equivalent experience and minimum 5 years of related work experience.
  • Knowledge and experience in security disciplines including, but not limited to, information systems security, operations security, administrative security, personnel security, physical security and communications security.
  • Knowledge of IA principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation.
  • Ability to develop best practices for processes and standards that will better the system.
  • Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).
  • Knowledge of security system design tools, methods, and techniques.
  • Knowledge of relevant laws, policies, procedures, or governance as they relate to work that may impact critical infrastructure.
  • Knowledge of DoD/IC system security control requirements
  • Knowledge and experience with XACTA
  • Knowledge of ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and the NGA security controls assessment criteria/procedures
  • Knowledge of industry information security standards and protocol
  • Knowledge of known vulnerabilities from alerts, advisories, and bulletins


These Qualifications Would be Nice to Have:
  • Experience with ICD 503 and working knowledge of Risk Management Frame work as outlined in NIST SP 800-37.
  • Working knowledge of information system security controls and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A.
  • Knowledgeable in continuous monitoring processes as outlined in NIST SP 800-137 appropriate for systems, leveraging existing tools, efforts, and incorporating new automation techniques.
  • Knowledgeable in information system vulnerability analysis and management.
  • Must have a thorough knowledge of IT including but not limited to network sub netting.
  • Experienced in system testing methodologies that include: Penetration testing, Configuration analysis, Security best practices validation
  • Experienced in security testing and penetration tools
  • Proficient in the use of Microsoft Application tools (i.e. Excel and PowerPoint)
  • Experience within the Intelligence Community

What We Can Offer You:

- We’ve been named a Best Place to Work by the Washington Post.

- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

- We offer competitive benefits and learning and development opportunities.

- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.

- For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.

Job Location

US-Santa Maria-CA-SANTA MARIA


 

CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.





Send me email alerts for similar jobs

JOIN US