Full Job Description
CACI is currently looking for a Cybersecurity Engineer with agile methodology experience to join our BEAGLE (Border Enforcement Applications for Government Leading-Edge Information Technology) Agile Solution Factory (ASF) Team supporting Customs and Border Protection (CBP) client located in Northern Virginia! Join this passionate team of industry-leading individuals supporting the best practices in Agile Software Development for the Department of Homeland Security (DHS).
As a member of the BEAGLE ASF Team, you will support the men and women charged with safeguarding the American people and enhancing the Nation’s safety, security, and prosperity. CBP agents and officers are on the front lines, every day, protecting our national security by combining customs, immigration, border security, and agricultural protection into one coordinated and supportive activity.
ASF programs thrive in a culture of innovation and are constantly seeking individuals who can bring creative ideas to solve complex problems, both technical and procedural at the team and portfolio levels. The ability to be adaptable and to work constructively with a technically diverse and geographically separated team is crucial.
The Cybersecurity Engineer with both strong application and network security delivery skills will need to have a deep technical understanding of Cybersecurity practices, delivering secure and reliable hardware and software solutions in short sprints. The individual will work with a highly productive team of seasoned technical professionals who thrive on supporting our customer's mission and growth objectives–designing, developing, leading, and implementing secure application and infrastructure capabilities for a variety of legacy and modernized systems.
They will work in close collaboration with software developers/engineers, quality assurance engineers, stakeholders, and end users within Agile Engineering processes. They must have a working knowledge of enterprise class information assurance requirements and network security and survivability.
They will also be responsible for supporting development of a spectrum of engineering artifacts that adequately, but succinctly captures system security requirements, application and network security design, and network security architecture. This position is responsible for ensuring that all assigned work activities are performed in a timely, secure, compliant and cost-effective manner while maintaining the highest quality of performance.
What you’ll get to do:
Serve as a Cybersecurity Team member responsible for the Information Assurance and Security of custom coded and COTS applications and databases. Responsible for activities associated with delivery of Cybersecurity technical control implementation, configuration, and architectural solutions associated with customer-defined systems/software projects; basic responsibilities include:
Implement cybersecurity frameworks such as National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) cybersecurity criteria
Implement Technical Cybersecurity Program strategy
Understand and assist developers with static code analysis processes
Enable assurance for information security during all phases of agile software development and deployment
Secure the SecDevOps Continuous Integration pipeline
Assess entire system lifecycle requirements and network security impacts
Enhance – Implement Cybersecurity vulnerability/ hardening testing
Optimize – Cybersecurity development environment certification
Architect & Engineer security – develop security goals, capabilities, controls, and architecture
Design & Implement security – vulnerability management, build security into development
Integrate & Test Security – test patches and settings, document artifacts demonstrating compliance
Maintain security posture – audit security settings, track security training, monitor threats, track reaccreditation
Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth
Identify, assess, and recommend zero-day cyber threat remediation
Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects
Monitor and inspect for approved software usage and implementation of approved security enabled software and tools
Works to achieve, team objectives, operational plans with measurable contribution towards the achievement of results of the job function or completion of a project.
Apply information security in accordance with National/DHS/CBP directives security policy
Assist government personnel in preparing and presenting Information Assurance Compliance System packages to the Control Assessor (SCA) Assess and analyze the current threat environment
Execute basic Penetration Testing using tools such as Kali Linux
Manage Plan of Action and Milestones (POA&M) processes to identify, track, and mitigate open findings and vulnerabilities
Must be a U.S. Citizen with the ability to pass CBP background investigation, criteria will include:
3-year check for felony convictions
1-year check for illegal drug use
1-year check for misconduct such as theft or fraud
Experience with Software Development, Agile, or SecDevOps
Demonstrated experience with HP Fortify Software Security Center or similar tool
Demonstrated experience with reviewing and interpreting results from Vulnerability scanners like Nessus or similar tool
College degree (B.S., M.S.) in Computer Science, Computer Information Systems, or a related discipline
Certifications: minimum Security+ CE or equivalent, CISSP or CASP preferred
Professional Experience: Five (3+) years related technical experience with software development or hands on secure system configuration
You are good at:
You will need an in-depth knowledge of enterprise class Cybersecurity, information assurance requirements of NIST RMF processes, as well as network security and survivability requirements and capabilities
Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement
Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas
Demonstrated experience with DISA Security Technical Implementation Guide (STIG) implementation and Security Content Automation Protocol (SCAP) tool usage
Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness
Experience with continuous integration tools and environments
Experience with scripting languages like Perl, VBScript, Ruby, etc.
Experience with Computer Network Defense (CND) processes, procedures, and tools
Acting independently to expose and resolve problems
Demonstrated ability to identify and manage risk
Excellent written and verbal communication skills
Strong collaboration skills and desire to work within a team
Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter
Bonus would be having:
Experience as a software or systems developer, Database administrator, or other developer background a plus
Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative principles and ideas
Direct experience providing production support for Oracle databases; experience with Oracle tools
Experience with Cloud Security in AWS, Azure or other CSP under IaaS, SaaS, or PaaS environments. Associated Cloud certificationshighly regarded
Familiarity using Kali Linux
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.