Cloud Security Engineer

Employer
CACI International Inc
Location
Herndon, VA
Posted
Apr 20, 2017
Closes
Apr 21, 2017
Industry
Engineering, Security
Hours
Full Time
Job Description: CACI Enterprise IT Business Group has an immediate opportunity for a Cloud Security Engineer to provide cutting edge services within the Intelligence Community. The candidate will serve as a contract systems and business analyst supporting organization wide cyber assessments. This position will deliver technical and programmatic solutions to support activities of the group to target, assess, exploit and report risks and vulnerabilities of organization systems in order to provide senior decision makers with actionable data to make strategic investment decisions. Roles and Resposbilities include, but are not limited to: - Shall provide support and lead analytical, programmatic and business activities in line with defined processes and procedures - Shall provide assessment operational support in order to streamline and maintain effective and efficient assessment workflow and operations - Shall maintain accountability to endure integrity and confidentially of the process - Shall provide support in delivering tools, techniques and guidance in order to increase quality in assessment written and technical products - Review and make recommendations on program-level documentation (eg, requirements specification, system architecture, design documents, test plans and security plans) - Provide quality assurance reviews on security evaluation test plan and procedures - Assist in researching, evaluating, and developing relevant information Security policies and guidance - Actively participate in or lead technical exchange meetings and application review boards, documenting action items/results of these events - Brief management, as needed, on the status of action items and/or results of these activities - Conduct hands-on systems analysis and engineering in order to deliver solutions to support assessment workflow and reporting processes - Coordinate with other program elements conducting security testing - Deliver solutions that enable the division to consistently assess/calculate risk based on threats, vulnerabilities and shortfalls uncovered in testing - Assist with the implementation, modification and improvement of the Sponsor's Risk Management Framework (RMF) workflow and its component parts - Assist with the development of standards and requirements for securing Sponsor IT systems - Assist in providing guidance on the population of required security documentation for both internal Sponsor documentation as well as RMF reciprocity documentation. RMF reciprocity documentation includes the Security Controls Traceability Matrix (SCTM), Systems Security Plan (SSP) and Concept of Operations, SSP Questionnaire, Continuous Monitoring Plan and Functional Testing Plans - Assist in the generation of monthly security relevant articles and metrics for distribution to Sponsor's senior leadership - Assist in the generation and deployment of web content in support of informing the Sponsor organization's population of new and existing standards , general FAQ, requirements and workflows - Assist with the development of documentation templates for use by the sponsor population - Perform data analysis on assessment findings to determine trends, and develop reports on those trends in an effort to increase security awareness within the Sponsor organization - Ensure the logical and systematic conversation of customer or product requirements into total systems solutions that acknowledge technical, schedule and cost constraints - Perform functional analysis, timeline analysis, cost estimation, trade studies and requirements allocation - Apply, as appropriate, activity and data modeling, transaction flow analysis, internal control and risk analysis and modern business methods and performance measurement techniques - Develop, improve or build in regulatory and best practices for risk reduction across a range of enterprise-wide applications, systems, networks and their interfaces - Responsible for Change Authorization, Implementation and Validation - Installing open source software via CentOS/RedHat or EPEL repositories -Short term hand-on technical assistance for information security or project staffs to aid in securely configuring systems or troubleshooting security issues - Research, design, and help build proof of concept to address emergent needs or vulnerabilities in applications, systems, or networks - Provide highly focused, quick turnaround market research regarding technology trends or potential solutions to specific emergent issues - Provide technical support to existing security applications and utilities to develop improvements in configuration, added capabilities, or evolutionary replacement Education and Experience: Typically requires bachelor s degree or equivalent and 16 to 18 years of related experience. Clearance Requirement: Position requires the ability to obtain/maintain a Top Secret / SCI with Polygraph US government security clearance. Required: - Technologies or experience with: - AWS - NESSUS for vulnerability Management - Centrify (Identity Management) - DNS - YUM repositories - LDAP - Configuration Management (Puppet) - Managed Linux Baseline (CLSE) Desired: - Additional skills/technologies: - Audited (System Auditing) - AIDE for File Integrity Monitoring - Endpoint Instrumental (Tanium) - Anti-Virus (McAfee) - File Integrity Management (TripWire) - Agile development and security experience preferred but not required