Information Systems Security Engineer- (ISSE)- Up to 25% Profit Sharing Benefit!

Company: CACI International
Location: Sarasota
Posted on: September 11, 2020

Job Description:

Job Description
BITS, a CACI Company, offers very rewarding and unique benefits, which equates to 50% of compensation on TOP of your base salary! The first part is a tax-qualified profit-sharing retirement plan, to which BITS annually contributes up to 25% of your base salary (not in excess of applicable IRS limits) to your retirement account. The second component consists of BITS' Individual Benefit Account (IBA), which is used for premiums, medical reimbursements, dependent care, education and Paid Time Off (PTO) policy. Both components of the BITS benefit package are paid for by BITS, in addition to your base salary and potential performance bonuses. We believe in a healthy home/work balance and both of our locations offer a wide variety of activities to balance with your work life. Learn more at http://www.caci.com/bit-systems/.
What Youll Get to Do:

You will perform Information System Security Engineering support for various information systems throughout the system development lifecycle. You will have the opportunity to assist in system hardening, prepare comprehensive assessment testing procedures, system scanning, documentation, and support the engineering team by providing direct input on the information system design in order to obtain a successful Authorization to Operate.

More About this Role:

• 
  
• Execution of the Assessment & Authorization (A&A process in accordance with government requirements (e.g. ICD-503).
• Ensure that accreditation data is maintained within customer databases (e.g. Xacta).
• Conduct research in multiple areas, to include emerging technologies, vulnerability information, system hardening (e.g. STIGs), operating systems, application software and security tools.
• Prepare comprehensive security assessment testing documentation to validate applied security controls in support of Assessment and Authorization (A&A) testing.
• Provide technical guidance focused on information security architecture.
• Generate security accreditation artifacts to include, but not limited to Security Requirements Traceability Matrix, Security Plans, Certification Test Plans, and Continuous Monitoring Plans.
• Track and fulfill liens associated with A&A activities as documented in the Plan of Actions and Milestones.
• Perform vulnerability assessments using standardized tools (Nessus, DISA STIGs) and configuration updates as required to comply with security requirements.
• Performing hardening of operating systems, COTS product and OpenSource products as required to support compliance with security requirements.
• Provide technical engineering services for the support of integrated security systems and solutions
• Assesses and mitigates system security threats, risks and vulnerabilities throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system operations.
• Participates as a member of a security engineering team that designs, develops, implements, evaluates and/or integrates security architectures, systems or system components.
• Support and interact with customers in the enforcement of the design of security throughout the system life cycle.
• Apply knowledge of IA policies and procedures disseminated by the customers organization.
  
  Youll Bring These Qualifications:
  
  • 
    
  • An active TS/SCI clearance is required.
  • Must have a current certification compliant with DoD 8570 IAM or IAT level 3 OR obtain certification within 6 months of hire and maintain certification throughout employment.
  • Bachelors degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline. Three (3) years of ISSE experience may be substituted for a bachelors degree.
  • Knowledge and experience in information systems security
  • Knowledge of IA principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation.
  • Ability to develop best practices for processes and standards that will better the system.
  • Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).
  • Knowledge of security system design tools, methods, and techniques.
  • Knowledge of relevant laws, policies, procedures, or governance as they relate to work that may impact critical infrastructure.
  • Knowledge of TCP/IP networking technologies, Linux account administration, Linux folder permissions, Patch Management best practices on Operating Systems and applications, known vulnerabilities associated with Windows and Linux platforms.
  • Knowledge of virtualization technologies (e.g. VMWare, Docker)
  • Knowledge of OSI model and how specific devices and protocols interoperate, including knowledge of protocols, and services for common network traffic
  • Knowledge of DoD/IC system security control requirements
  • Knowledge and experience with XACTA
  • Knowledge of continuous monitoring practices.
  • Knowledge of DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria/procedures
  • Excellent communication and interpersonal skills required.
  • Must be able to efficiently manage time management and workload
  • Ability to support a flexible schedule and work in a dynamic, real-time environment with rapidly changing priorities required.
    
    These Qualifications Would be Nice to Have:
    
    • 
      
    • Experience with ICD 503 and working knowledge of Risk Management Framework as outlined in NIST SP 800-37.
    • Working knowledge of information system security controls and how to assess their effectiveness per NIST SP 800-53 and NIST SP 800-53A.
    • Knowledgeable in continuous monitoring processes as outlined in NIST SP 800-137 appropriate for systems, leveraging existing tools, efforts, and incorporating new automation techniques.
    • Knowledgeable in information system vulnerability analysis and management.
    • Working knowledge of IT including but not limited to network sub netting.
    • Experienced in system testing methodologies that include: Penetration testing, Configuration analysis, Security best practices validation
    • Experienced in security testing and penetration tools that include: Backtrack, Assured Compliance Assessment Solution (ACAS), Wireshark, Retina, Tripwire
    • Knowledgeable in cyber Incident handling.
    • Experienced in using the XACTA application.
    • Proficient in the use of Microsoft Application tools (i.e. Excel and Powerpoint).
    • Experience within the Intelligence Community
      
      What We can Offer You:
      
      - Weve been named a Best Place to Work by the Washington Post.
      
      
      
      • 
        
      • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
        
      • We offer competitive benefits and learning and development opportunities.
        
      • We are mission-oriented and ever vigilant in aligning our solutions with the nations highest priorities.
        
      • For over 55 years, the principles of CACIs unique, character-based culture have been the driving force behind our success.
        
        el4
        
        Job Location
        
        US-Sarasota-FL-TAMPA-ST. PETERSBURG
        
        CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.
        
        

Keywords: CACI International, Sarasota , Information Systems Security Engineer- (ISSE)- Up to 25% Profit Sharing Benefit!, IT / Software / Systems , Sarasota, Florida