Cyber Engineer - SME
Job Category: Engineering
Time Type: Full time
Minimum Clearance Required to Start: Top Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Continental US
What You'll Get to Do :
The program level Cyber Security Administrator is responsible for conducting cross-organizational information system security engineering activities, refines information security requirements and ensures its integration into information technology component products and information systems through purposeful security design, configuration, and continuous monitoring. Ensures compliance across the organizations within W-TRS.
More About the Role:
Work with systems architects/engineers to develop EIPs encompassing all required security controls; analyze system requirements and ensure compliant security mechanisms are in place; begin development of compliant body of evidence; ensure all CSfC documentation/HW/SW is compliant with DoD requirements.
Provide guidance and input on information security Risk Management Framework (RMF) for DoD, and NIST RMF accreditation testing and evaluation.
Maintain, configure, and analyze network and host-based security platforms.
Assign access level and/or privileges based on user's need to know.
Enforce Enterprise level established security policies and conduct
vulnerability scanning and analysis of systems and tools. Formulate and
implement security certification methods for projects/programs
conforming to DoD and Federal Cyber Security requirements.
Advise on best practices of design, development, and continuous
monitoring of an information system.
Advise on vulnerability management and security scanning practices.
Apply knowledge of Information Assurance policies, procedures, and
workforce structures to design, develop, and implement secure
networking, computing, and enclave environments. Support security
planning, assessment, risk analysis, and risk management using the Risk
Management Framework (RMF) in execution of the RMF processes
including the completion of RMF process steps in eMASS, the
development of RMF artifacts (Security Plan, POA&M, Continuous
Monitoring Plan, Risk Assessment Report, etc.), and the implementation
and assessment of Security Controls and Control Correlation Identifiers
(CCIs).
Identify overall security requirements for the proper handling and
protection of government data.
Maintain and update relevant information system, process documentation, and develop ad-hoc reports as needed.
Successfully manage time and technical responsibilities, set accurate expectations, and meet deliverable deadlines while working in a team and information sharing environment.
Coordinate with ISSM/ISSO to update POA&M and reflect open vulnerabilities associated with operation Hardware and software baselines, develop remediation plans to include milestone completion dates and status updates, and include mitigation process for closed vulnerabilities.
Travel to other CACI Locations or Customer Sites as necessary.
Perform other duties as required and, if required, obtain/retain a government security clearance at the level required to perform the duties of the position.
You'll Bring These Qualifications:
Current Active U.S. Department of Defense Secret Security Clearance.
Bachelor's degree in computer science or related field and 7+ years of related experience with working knowledge of current Cyber technologies and experience with NIST 800 Series and DoD 8570 regulations and governing DISA STIGs and/or SRGs.
Understanding of Information Assurance Vulnerability Management (IAVM) and Information Assurance Vulnerability Assessments (IAVAs).
Prior experience with RMF controls, risk assessments, and POA&M generation.
Strong working knowledge of Confidentiality, Integrity, and Availability (CIA) concepts, to include 2-factor authentication, Public Key encryption techniques, patch management, end-point security systems, intrusion detection, security event management and defense-in-depth.
Well versed in DoD cyber security Assessment and Authorizations (A&A) DoD Implementation, Directives, NIST Special Publications and other government cyber security standards, policies, and directives.
Experience completing and review DISA Security Technical Implementation Guides (STIGs).
Experience conducting risk analysis on products and system components through review of CVEs, plugins, IAVAs.
Experience onboarding assets to centrally managed Enterprise solutions.
Application Security Architecture and Design experience.
Security Compliance Operations and Application Security Assessment experience.
DoD 8570.01 IAT level 2 or greater cyber security certification per DoD 8570.01 (such as Security+).
Possess strong speaking, writing, and presentation skills, as well as the ability to persuade, inspire and lead through influence.
Possess analytical and problem-solving skills necessary for quickly developing recommendations based on quantitative and qualitative data from many different types of sources.
Experience designing secure networks, systems, and application architectures.
Experience planning, researching, and developing security policies, standards, and procedures.
Ability to communicate network security issues to peers and customers.
These Qualifications Would Be Nice to Have :
Prior ISSE experience with a Department of Defense (DoD) customer.
Additional cyber and/or IT certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or CompTIA's Advanced Security Practitioner (CASP).
Knowledge of risk assessment tools, technologies, and methods.
Systems integration experience.
Company Overview:
CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.
Pay Range : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (https://careers.caci.com/global/en/employee-benefits)
The proposed salary range for this position is:
$85,000 - $178,600