Intermediate Information System Security Officer

Job Title: Intermediate Information System Security Officer

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: Top Secret

Employee Type: Regular

Percentage of Travel Required: Up to 10%

Type of Travel: Local

The Opportunity:

CACI is searching for an Intermediate Information System Security Officer to join our team of highly qualified and dedicated individuals supporting the FEMA Office of the Chief Information Security Officer (OCISO) in Washington, D.C. or Mt. Weather, VA. Employees shall generally perform all work between the hours of 8 A.M. and 5 P.M. EST, Monday through Friday (except federal holidays). However, due to disaster operations, there is the potential for 24/7 support being required. As an Intermediate System Security Officer, you will play a crucial role in ensuring the security and compliance of FEMA’s information systems. You will work in a dynamic environment, collaborating with IT system owners, stakeholders, and cybersecurity professionals to implement and maintain robust security controls. Your efforts will directly contribute to safeguarding FEMA’s mission-critical systems and data.

Responsibilities:

The Intermediate Information System Security Officer (ISSO) shall provide support to the designated Information System Security Officer (ISSO) to ensure customer systems maintain their Authority to Operate (ATO) with a security posture in accordance with DHS 4300A and NIST SP guidance. This support shall include providing IT security assessment and IT security audit functions to ensure FISMA compliance, support in developing and maintaining documentation in support of Certification & Accreditation (C&A) as required by the Federal Information Security Management Act (FISMA); ensuring all C&A and system security documentation is kept up to date; and ensuring systems meet all security requirements mandated by DHS 4300A and DHS Management Directives.

• Prepare all reports and required deliverables, attend client and staff meetings

• Follow the Information Systems Security Officer (ISSO) Guide, V10, when developing, updating, or reviewing required security artifacts.

• Ensure proper access controls are implemented for both system access and physical access to data processing facilities.

• Create, update, and assess compliance of system Authority to Operate (ATO) packages.

• Provide information security expertise to system development teams throughout the System Engineering Lifecycle process.

• Ensure Plan of Action & Milestone (POA&M) reports are maintained and that security vulnerabilities are tracked and remediated.

• Implement and apply technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.

• Maintain network device and information security incident, damage and threat assessment programs.

• Investigate network device and information security incidents to determine extent of compromise to national security information and automated information systems.

• Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and network and device security and encryption.

• Design, develop, or recommend integrated system solutions ensuring proprietary/confidential data and systems are protected in accordance with mandated standards

• Configure and validate secure systems, tests security products/systems to detect computer and information security weakness

• Generate security architecture documentation and provide critical written and verbal analyses of previously generated security architecture documentation and vulnerability and risk assessments

• Design and implement plans of action and milestones to remediate findings from vulnerability and risk assessments

• Provide information assurance for digital information, ensuring its confidentiality, integrity, and availability

• Grant of authorization to operate IT systems at acceptable levels of risk, monitoring and testing of IT systems for vulnerabilities and indicia of compromise, incident response and remediation, the development of appropriate policy, relevant user security awareness and training, and compliance with applicable government and other external standards.

Qualifications:

Required:

• Current active Top Secret with SCI eligibility

• FEMA EOD suitability (current FEMA EOD preferred)

• BS/BA + 7 years of applicable experience (or equivalent)

• At least 3 years of experience working with FISMA

• Demonstrated expertise in SELC, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security

• Must have one of the following Information Assurance Technician (IAT) Level III qualifications:

• Certified Information System Security Professional (CISSP)

• CompTIA Advanced Security Practitioner (CASP+)

• Or other applicable IAT or IAM cyber security professional certifications

• Knowledge of information security best practices, Enterprise Architecture, DHS experience

• Experience with Xacta IA manager and/or CSAM.

Desired:

• CAP – Certified Authorization Professional

• Previous DHS or DoD experience

What You Can Expect:

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

An environment of trust.

CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

Pay Range :

There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

Since this position can be worked in more than one location, the range shown is the national average for the position.

The proposed salary range for this position is:

$75,200-$158,100

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.