Cyber Security Engineer

Omaha, NE, United States of America
Nov 23, 2022
Dec 23, 2022
Full Time
Cyber Security Engineer

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: TS/SCI

Employee Type: Regular

Percentage of Travel Required: Up to 10%

Type of Travel: Local

CACI is seeking an Information Systems Security Manager (ISSM) Cyber security professional to join our team supporting Department of Defense (DoD) clients in Omaha, NE. If you are looking for your next career challenge with a highly skilled development team, CACI would like to speak with you. As a Cyber Security expert, you will work with the team to ensure that any network or application within the client's purview desiring connectivity to the client'scloudcomputing environment meets all security requirements and specifications according to DoD Instruction 8510.01 Department of Defense Risk Management Framework (RMF).

What You'll Get to Do:
  • Manage extensive security evaluations of information systems and networks and the remediation of security control weaknesses, prepares evaluation reports, and presents recommendations.
  • Conduct trade-off analyses of products for clients to determine optimal information securitysolutions.
  • Maintain a high level of familiarity with the major Federal Government Information Security policy guidance and directives.
  • Perform physical security tasks in accordance with the DoD 5200.1-R, Information Security Program Regulation, Administrative Instruction 26 Information Security Supplement to DoD 5200.1-R and Executive Order 12958 (as amended)-Provide ongoing security training to the client's on-site personnel.
  • Ensure the physical environment of the computers and their terminals are properly secured and meets all Operation Security (OPSEC) requirements.
  • Conduct structured walk-throughs based on Continuity of Operations Plans to ensure integrity of the network's ability to reconstitute normal system functions including reinstallation of applications after a catastrophic failure

More About the Role:
  • Coordinate Assess and Authorize (A&A) requirements for the client's systems in accordance with DoD Instruction 8510.01 RMF.
  • Ensure each network or system is operated, maintained, and disposed of in accordance with DoD security policies and practices and System Security Plan.
  • Ensure application, system, environment, or organizational changes do not have an adverse effect on the security posture of the system security compliance and assessment.
  • Determine the extent a system change may affect the security posture of either the information system or the computing environment and ensuring the implementation of such change are documented in the Enterprise Mission Assurance Support Service (eMASS), System Security Plans, and site operating procedures.
  • Review and approve Software Assessment Report (SwAR), including code and application scans, for the inclusion of web-based IT Products (Web Application Software) into accredited enclaves and verify the findings from completed code reviews have been addressed properly as to not pose a threat to the network.
  • Coordinate corrective actions for information assurance (IA) incidents identified by the customer's CSSP and ensure all security-related incidents are documented and reported to the AO and AODR. Capture incident metrics. Evaluate incidents for patterns to minimize future risk.
  • Monitor and validate vulnerability postures in Assured Compliance Assessment Solution (ACAS), and ensure all systems comply with DISA Security Technical Implementation Guidelines (STIG)s and with CSSP HBSS requirements.
  • Ensure and approve Plan of Action and Milestones (POA&M) are in place for vulnerabilities that cannot be remedied at the time of the finding.
  • Manage server and system/application IA requirements throughout the Software Development Lifecycle (SDLC).
  • Coordinate with the client's government-appointed Activity Security Representative (ASR) to support physical security for the primary office location.

You'll Bring These Qualifications:
  • A DoD TS/SCI level clearance.
  • Bachelors Degree in technical field and 8 years' experience in a DoD environment.
  • Security + certification or higher.
  • An understanding of the relationship between system controls and how they affect system security.
  • Experience using eMASS as a system certification and accreditation tracking tool.
  • A minimum of 3 years of practical experience transitioning to and operating within RMF in DoD applications.
  • Experience in initial risk assessment activities and ability to assist Authorizing Official risk determination with risk acceptance.
  • Operational knowledge of HP Fortify or similar system vulnerability scanning tools, to include reviewing results of custom software security scans.
  • Experience as a subject matter expert of the DoD STIGs and DoD policies pertaining to DoD IT.
  • Demonstrated experience developing accreditation documentation in a DoD environment.

These Qualifications Would be Nice to Have:
  • Experience with AWS.
  • Experience in initial risk assessment activities and ability to assist Authorizing Official risk determination with risk acceptance.

What We Can Offer You:

- We've been named a Best Place to Work by the Washington Post.

- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

- We offer competitive benefits and learning and development opportunities.

- We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.

- For over 60 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.

Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.

Similar jobs