Job Information
CACI International Information Systems Security Officer (ISSO) in Ashburn, Virginia
Information Systems Security Officer (ISSO)
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Local
The Opportunity:
CACI’s Agile Solution Factory (ASF) is hiring an Information System Security Officer (ISSO) to support management of a secure facility and the systems associated with it based in Ashburn, VA! Join this passionate team of industry-leading individuals supporting the Best Practices in Agile Software Development for the Department of Defense.
ASF programs thrive in a culture of innovation and are constantly seeking individuals who can bring creative ideas to solve complex problems, both technical and procedural at the team and portfolio levels. The ability to be adaptable and to work constructively with a technically diverse and geographically separated team is crucial.
The qualified applicant will be well versed in all technical aspects of the position requirements. They will act as liaison for all IA relevant tasking between government customer security offices and project management to ensure coordination and resolve any IA related issues or concerns and be well-versed in multi-tasking across several IA tasks at the same time.
The qualified applicant will need to have a deep technical understanding of Cybersecurity practices, delivering secure and reliable hardware and software solutions in short sprints. They will work as an integral part of a highly productive team of seasoned technical professionals who thrive on supporting our customer's mission and growth objectives– responsible for designing, developing, leading, and implementing the implementation of secure facilities and communications between the contractor and government agencies.
The candidate will be responsible for the management and maintenance of all security artifacts related to managing a classified facility including COMSEC duties, maintaining access control lists (ACL), Standard Form (SF) Forms 700, 701, and 702 in accordance with Federal, DOD, and Army guidelines, and facilitating collaborate with the Facility Security Officer (FSO), government, and internal teams to ensure an optimal security posture.
They must have a working knowledge of enterprise class information assurance requirements and network security and survivability.
This position is responsible for ensuring that all assigned work activities are performed in a timely, secure, compliant and cost-effective manner while maintaining the highest quality of performance, with some supervision.
Responsibilities:
The ISSO is responsible for the Information Assurance and Security system and network services. Responsible for activities associated with delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects; responsibilities include:
Develop, implement, and review the organization's information security to protect information and prevent unauthorized access.
Meet the government’s cybersecurity accreditation process to achieve an Authority to Operate (ATO).
Maintain the Security Authorization or Authorization to Operate (ATO) of secure facilities and assigned systems and conduct initial and annual risk assessments.
Identify required STIGs and guide system certification based on project requirements.
Prepare a certification package, including STIG assessment and documentation, vulnerability and scan assessments, and conduct quarterly software security reviews.
Ensure all security measures comply with applicable government policies.
Maintain DoD Collateral open storage areas according to 32 CFR Part 117, NISPOM.
Collaborate with the Facility Security Officer (FSO), government, and internal teams to ensure an optimal security posture.
Develop, implement, and modify security operating policies for facility activities.
Assist the FSO with all aspects of the physical security measures of the secure facility.
Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, SCTM)
Develop, monitor and resolve Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned facilities and Information Systems
Maintain access control lists (ACL), Standard Form (SF) Forms 700, 701, and 702 IAW Federal, DOD, and Army guidelines.
Perform facility alarm tests and respond to alarm events, when required.
Participate in internal and external security audits and inspections and perform risk assessments.
Oversee and manage the COMSEC program.
Oversee COMSEC inventory, key management, and COMSEC incident investigation and reporting.
Required Skills:
Must be a U.S. Citizen, with an active Government security clearance.
College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline or equivalent years of experience.
Certifications: Must have Security+ Certification or equivalent DOD 8570 IAT Level 2 certification. CISSP certified a plus.
Demonstrated knowledge of National/DoD/Army Directive security policies including, but not limited to:
DoD 5220-22-M, National Industrial Security Program Manual, incorporating Change 2, May 18, 2016.
Defense Security Service, National Industrial Security Program (NISP) Assessment and Authorization Program Manual (DAAPM), version 2.2, 31 August 2020.
DOD Instruction 8500.01, Cybersecurity, 14 March 2014 incorporating Change 1, 7 October 2019.
DOD Instruction 8510.01, Risk Management Framework (RMF) for DOD Information Technology (IT), 19 July 2022
NIST SP 800-53, Rev 4, Security and Privacy Controls for Federal Information Systems and Organizations
Army Regulation 380–27, Control of Compromising Emanations, 22 July 2014.
Demonstrated knowledge of directive, guidelines, processes, and procedures for maintaining the security, integrity, and confidentiality of secure facilities, containers, and communications.
Demonstrated experience using eMASS.
Demonstrated knowledge of DOD RMF accreditation implementation
Ability to identify and manage risk.
Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement.
Excellent written and verbal communication skills.
Strong collaboration skills and desire to work within a team.
Understanding of all elements of the DOD Cybersecurity policies and requirement
Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter
Professional Experience: 10+ years related technical experience.
Desired Skills:
Demonstrated experience with Assured Compliance Assessment Solution (ACAS)/Tenable Nessus Vulnerability Scanner
Demonstrated familiarity and experience with Firewalls, Intrusion Prevention Systems, Web Gateways, and/or enterprise Antivirus software technologies.
Experience with continuous integration tools and environments
Demonstrated knowledge and experience with ISO 27000 information security management principles.
Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas.
Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness.
Experience with scripting languages such as Perl, VBScript, Ruby, etc.
Experience with Computer Network Defense (CND) processes, procedures, and tools.
Acts independently to expose and resolve problems
-
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.
An environment of trust.
CACI takes pride in fostering a diverse and accessible culture where every individual feels supported to chart their own path. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.
Your potential is limitless. So is ours.
Learn more about CACI here. (https://careers.caci.com/global/en/life-at-caci)
Pay Range : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (https://careers.caci.com/global/en/employee-benefits) .
The proposed salary range for this position is:
$109,800 - $241,600
CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.