Senior Information Systems Security Officer (ISSO)

Employer
CACI
Location
National Harbor, MD, United States of America
Posted
Nov 23, 2022
Closes
Dec 23, 2022
Ref
273009
Function
IT
Hours
Full Time
Senior Information Systems Security Officer (ISSO)
Job Profile:
Cyber Security T4

JR Type:
Evergreen
Job Category:
Information Technology
Minimum Clearance Required to Start:
None
Percentage of Travel Required:
Up to 10%
Type of Travel:
Local
Program/Opportunity Name:
Program | DHS DeskTop
Referral Bonus Plan:

Job Description:

CACI is seeking an Information Systems Security Officer (ISSO) to join our team.

About the role:

The Information Systems Security Officer (ISSO) shall provide support to the designated Information System Security Officers (ISSO) to ensure customer systems maintain their Authority to Operate (ATO) with a security posture in accordance with DHS 4300A and NIST SP guidance.

This support shall include providing IT security assessment and IT security audit functions to ensure FISMA compliance, support in developing and maintaining documentation in support of Certification & Accreditation (C&A) as required by the Federal Information Security Management Act (FISMA); ensuring all C&A and system security documentation is kept up to date; and ensuring systems meet all security requirements mandated by DHS 4300A and DHS Management Directives.

More About the Role:

  • Work location is one of either Oxon Hill, MD; Stennis, MS; or Chandler, AZ
  • Prepare all reports and required deliverables, attend client and staff meetings
  • Train more junior members of the staff in new technologies, current tools (XACTA) and FISMA, DHS 4300, NIST 800 and FIPS requirements
  • Follow the Information Systems Security Officer (ISSO) Guide, V10, when developing, updating, or reviewing required security artifacts in the Xacta Information Assurance Manager
  • Ensure proper access controls are implemented for both system access and physical access to data processing facilities
  • Create, update, and assess compliance of system Authority to Operate (ATO) packages
  • Provide information security expertise to system development teams throughout the System Engineering Lifecycle process
  • Ensure Plan of Action & Milestone (POA&M) reports are maintained and that security vulnerabilities are tracked and remediated
  • Implement and apply technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.
  • Maintain network device and information security incident, damage and threat assessment programs
  • Investigate network device and information security incidents to determine extent of compromise to national security information and automated information systems
  • Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and network and device security and encryption
  • Design, develop, or recommend integrated system solutions ensuring proprietary/confidential data and systems are protected in accordance with mandated standards
  • Configure and validate secure systems, tests security products/systems to detect computer and information security weakness
  • Generate security architecture documentation and provide critical written and verbal analyses of previously generated security architecture documentation and vulnerability and risk assessments
  • Design and implement plans of action and milestones to remediate findings from vulnerability and risk assessments
  • Provide information assurance for digital information, ensuring its confidentiality, integrity, and availability
  • Grant of authorization to operate IT systems at acceptable levels of risk, monitoring and testing of IT systems for vulnerabilities and indicia of compromise, incident response and remediation, the development of appropriate policy, relevant user security awareness and training, and compliance with applicable government and other external standards


Required Qualifications:

  • Ability to obtain DOD security clearance
  • DHS EOD suitability or Current DHS EOD preferred
  • MS/MA + 10 years of applicable experience or BS/BA + 16 years of applicable experience
  • At least five years of experience working with FISMA
  • Demonstrated expertise in SELC, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security
  • Knowledge of information security best practices, Enterprise Architecture, DHS experience
  • Experience with Xacta IA manager


Preferred Qualifications:

  • CISSP certification
  • CAP - Certified Authorization Professional
  • Previous DHS or DoD experience


This position description is not an active opening but is representative of positions within CACI that are consistently available. Individuals who apply may also be considered for other positions at CACI.

What We Can Offer You:
  • We've been named a Best Place to Work by the Washington Post.
  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
  • We offer competitive benefits and learning and development opportunities.
  • We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.
  • For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.


DHSHP

Company Overview:

CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.

Similar jobs