Information Assurance
Job Category: Security
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular
Percentage of Travel Required: Up to 25%
Type of Travel: Outside Continental US
The Information Assurance (Cybersecurity) employee will be based in San Antonio, TX at 35th IS, Lackland AFB, TX.
The desired candidate will have experience assessing risk in networks (performing audit, test, assessment, or similar functions); identifying unpatched vulnerabilities, misconfigurations, and defects in other security controls specified in NIST SP 800-53A; implementing the functions identified in the Air Force Cybersecurity Program and the NIST Risk Management Framework (NIST SP 800-37) to identify and communicate system and program risk to decision makers. Additionally, the desired candidate will have experience in preparing, processing, assessing, validating and maintaining RMF assessment and accreditation (A&A) packages using Xacta; and the understanding of auditing information systems and networks utilizing cyber tools such as Splunk, Endpoint Security Solutions ( ESS)/ Trellix, SCAP Compliance Checker (SCC) and Assured Compliance Assessment Solution (ACAS)/ Tenable.
Selected candidate for hire MUST have their TS/SCI prior to hire.
What You'll Get to Do:
Support the cyber security mission of 35th IS information systems (IS) and networks.
Evaluate cybersecurity compliance of all 35 IS systems against current NIST and DoD Cybersecurity policies as outlined in AFI 17-101, ICD 503, NIST SP 800-37 and 800-53.
Analyze and advise on the risk and remediation of security issues based on reports from security assessments, vulnerability assessment scanners, patch management tools, and emerging threat information.
Act as the Information System Security Officer (ISSO) in managing the A&A packages throughout the system lifecycle, by conducting all periodic reviews, tracking remediation efforts through the Plan of Actions and Milestones (POA&M), and uploading and managing Body of Evidence (BoE) documents, scans, and other artifacts in Xacta.
Assist fellow ISSOs in applying for Certificate-to-Field (CtF) for software.
Assist other ISSOs in managing the ports, protocols, and services management (PPSM) registrations by performing scans and risk assessments using available tools.
Support the integration and testing of system level security requirements which may include researching, verifying and documenting cybersecurity controls in order for the systems to be accredited.
Perform system security scans and vulnerability scans using ACAS, and maintain records of such scans, as required by A&A guidelines.
Provide routine system-level monitoring, audit reviews, and compliance reporting utilizing Splunk and ACAS for the identification of security relevant external or internal impacts, threats, and policy violations.
Develop and maintain A&A documentation including Standard Operating Procedures (SOP), Security Control Concept of Operations (SCCONOPS), Continuous Monitoring Strategy, Disaster Recovery Plan (DRP), Incident Response Plan (IRP), Configuration Management Plan (CMP), Auditing policies, account management policies, test plans and other documents to support certification of compliance to applicable standards.
Participate in the change management process, including conducting security impact analyses, making recommendations based on relevant security and privacy trends and technology.
You'll Bring These Qualifications:
Active TS/SCI security clearance.
Bachelor's degree (in IS Technology, Computer Science or related field or 4-7 years equivalent experience.
DOD Directive 8570 IAT I or II certification (Security+ or equivalent).
What We Can Offer You:
We've been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.
For over 60 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.
Company Overview:
CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.
Pay Range : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (https://careers.caci.com/global/en/employee-benefits)
The proposed salary range for this position is:
$65,000 - $136,500
