Cybersecurity Engineer

CACI is looking for a Cybersecurity Specialist with a deep technical understanding of Cybersecurity practices, delivering secure and reliable hardware and software solutions in short sprints.  They will work as an integral part of a highly productive team of seasoned technical professionals who thrive on supporting our customer's mission and growth objectives– responsible for designing, developing, leading, and implementing secure application and infrastructure capabilities for a variety of legacy and modernized systems and applications. 

What you’ll get to do: 

Serve as a Cybersecurity Team member responsible for the Information Assurance and Security of application, database, and enterprise network services. Responsible for activities associated with delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects; basic responsibilities include: 

• Work with Cybersecurity Lead to design and implement Cybersecurity application strategy 

• Apply information security in accordance with National/DoD directives security policy including, but not limited to,  

• Assess entire system lifecycle requirements and network security impacts 

• Support creation of, and ensure approval for, Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects 

• Support program and customer management, and government Authorizing Official (AO) for all information security status, policies, and procedures 

• Assist government personnel in preparing and presenting Information Assurance Compliance System (IACS) packages to the Control Assessor (SCA) Assess and analyze the current threat environment 

• Enhance – Implement Cybersecurity vulnerability/A&A hardening testing 

• Optimize – Cybersecurity development environment certification 

• Architect & Engineer security – develop security goals, capabilities, controls, and architecture 

• Design & Implement security – vulnerability management, build security into development 

• Integrate & Test Security – test patches and settings, document A&A artifacts 

• Validate & Verify security – validate patch status and software control status 

• Implement security – apply patches and security settings, performance incident handling and remediation 

• Maintain security posture – audit security settings, track security training, monitor threats, track reaccreditation 

• Enable assurance for information security during all phases of agile software development and deployment 

• Create and manage Plan of Action & Milestones (POA&M) 

• Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects 

• Report and help investigate security-related incidents and security violations as requested by the Computer Security Incident Response Center (CSIRC) 

• Monitor and inspect for approved software usage and implementation of approved antivirus and other security related software 

You Will Bring These Qualifications: 

• Ability to obtain and maintain DoD Secret Clearance Must be a U.S. Citizen with the ability to pass DoD background investigation 

• College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline 

• Certifications: minimum Security+ CE or equivalent, CISSP or CASP preferred 

• Demonstrated knowledge of NIST Information Technology Security Special Publications (SP) 800 series, with emphasis on NIST SP 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems” and NIST SP 800-53A, “Guide for Assessing the Security Controls in Federal Information Systems” 

• Professional Experience: Seven (7+) years related technical experience 

• Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness 

• Excellent written and verbal communication skills 

• Strong collaboration skills and desire to work within a team 

• Highly responsible, team-oriented individual with very strong communication skills and work ethic; self-starter 

These Qualifications Would Be Nice To Have: 

• Demonstrated experience with HP Fortify Software Security Center 

• Demonstrated experience with Assured Compliance Assessment Solution (ACAS)/Tenable Nessus Vulnerability Scanner 

• Demonstrated experience using IACS 

• DoD or Air Force IA and accreditation experience 

• Experience with Air Force application development and IA activities