- Bachelor's Degree
- Master's Degree
- Communication Skills
- IT Experience
- Computer Networking
CACI is currently looking for a Senior Cybersecurity Specialist with agile methodology experience to join our Information Technology Enterprise Management Systems Solution (ITEMSS) Agile Solution Factory (ASF) Team supporting the Product Lead (PL) Reserve Component Automation System - Force Management System (RCAS - FMS) client located in Northern Virginia! Join this passionate team of industry-leading individuals supporting the best practices in Agile Software Development for the United States Army Reserve and National Guard. CACI’s ASF is hiring a Senior Cybersecurity Specialist for product teams based in Ashburn, VA! Join this passionate team of industry-leading individuals supporting the Best Practices in Agile Software Development for the Department of Defense.
ASF programs thrive in a culture of innovation and are constantly seeking individuals who can bring creative ideas to solve complex problems, both technical and procedural at the team and portfolio levels. The ability to be adaptable and to work constructively with a technically diverse and geographically separated team is crucial.
The Senior Cybersecurity Specialist, with both strong cybersecurity and network security delivery skills, will need to have a deep technical understanding of Cybersecurity practices, delivering secure and reliable hardware and software solutions in short sprints.
They will work in close collaboration with the ASF Application Development Cybersecurity team. The Senior Cybersecurity Specialist must have a working knowledge of enterprise class information assurance requirements and network security and survivability.
They will be responsible for supporting development of a spectrum of engineering artifacts that adequately, but succinctly, capture system security requirements, application and network security design, and network security architecture. This position is responsible for ensuring that all assigned work activities are performed in a timely, secure, compliant and cost-effective manner while maintaining the highest quality of performance.
What you’ll get to do:
Serve as the lead Cybersecurity Subject Matter Expert (SME) responsible for complying with the National Institute of Standards and Technology’s (NIST) Special Publication (SP) 800-171, IAW Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012, “Safeguarding Covered Defense Information and Cyber Incident Reporting”. Basic responsibilities will include:
Identifying specific requirements for safeguarding Controlled Unclassified Information (CUI) in nonfederal systems using authoritative federal standards and guidelines
Implementing a Cybersecurity Program strategy that focuses on the fourteen families of security requirements outlined in NIST SP 800-171 for protecting the confidentiality of CUI in nonfederal systems
Applying information security in accordance with NIST Special Publications and Federal Information Processing Standards (FIPS) including, but not limited to: NIST SP 800-30, NIST 800-37, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-60, NIST SP 800-61, NIST SP 800-171, FIPS 199, and FIPS 200
Developing a system security plan that describes how specified security requirements are met or how they will be implemented
Documenting the Contractor Environment system boundary, the operational environment, how the security requirements are implemented, and the relationships with or connections to other systems
Developing Cybersecurity policies and procedures to align with the fourteen families of security requirements outlined in NIST SP 800-171
Implementing Cybersecurity vulnerability hardening testing
Validating patch status and software control status
Auditing security posture – audit security settings, track security training, monitor threats
Evaluating and recommending innovative proven best business practices and tools to enhance defense-in-depth
Performing information security vulnerability testing and mitigate any nonconformance
Creating Plan of Action & Milestones (POA&M) to track non-compliant controls
Validating Security Technical Implementation Guide (STIG) requirements for all devices in the Contractor Environment
Ability to maintain DOD clearance
College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline
Certifications: minimum Security+ CE or equivalent, CISSP or CASP preferred
Demonstrated knowledge of NIST SP 800 series, with emphasis on NIST SP 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems”; NIST SP800-53, “Security and Privacy Controls for Federal Information Systems and Organizations”; NIST SP 800-53A, “Guide for Assessing the Security Controls in Federal Information Systems”; NIST SP 800-60, “Guide for Mapping Types of Information and Information Systems to Security Categories”; NIST SP 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations”; FIPS 199, “Standards for Security Categorization of Federal Information and Information Systems” and FIPS 200, “Minimum Security Requirements for Federal Information and Information Systems”.
Professional Experience: ten (10+) years related technical experience
Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement
Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas
Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness
Experience with continuous integration tools and environments
Experience with Computer Network Defense (CND) processes, procedures, and tools
Acting independently to expose and resolve problems
Demonstrated experience with Assured Compliance Assessment Solution (ACAS)/Tenable Nessus Vulnerability Scanner
Demonstrated experience with DISA Security Technical Implementation Guide (STIG) implementation and Security Content Automation Protocol (SCAP) tool usage
Demonstrated familiarity and experience with Firewalls, Intrusion Prevention Systems, WebGateways, and/or enterprise Antivirus software technologies
Demonstrated ability to identify and manage risk
Excellent written and verbal communication skills
Strong collaboration skills and desire to work within a team
Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.