CACI International Information System Security Engineer (Up to 25% Profit Sharing Benefit!) in Aurora, Colorado
BITS, a CACI Company, offers very rewarding and unique benefits, which equates to 50% of compensation on TOP of your base salary! The first part is a tax-qualified profit-sharing retirement plan, to which BITS annually contributes up to 25% of your base salary (not in excess of applicable IRS limits) to your retirement account. The second component consists of BITS' Individual Benefit Account (IBA), which is used for premiums, medical reimbursements, dependent care, education and Paid Time Off (PTO) policy. Both components of the BITS benefit package are paid for by BITS, in addition to your base salary and potential performance bonuses. We believe in a healthy home/work balance and both of our locations offer a wide variety of activities to balance with your work life. Learn more at http://www.caci.com/bit-systems/
CACI is looking for an Information Systems Security Engineer to join our team and provide Information Assurance support for various information systems throughout the system development lifecycle. Our ISSE must be comfortable with providing customer and program teams with input as to how to meet various security requirements.
What You’ll Get to Do:
You will perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies.
Designs, develops, implements and/or integrates IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.
Assists architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Agency security policy and enterprise solutions.
Assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. Evaluates scan results and works with system developers and system administrators to eliminate or mitigate findings.
Manages day to day operation of SecurityCenter / NESSUS implementation. Generate audit files, policies, scans, reports, and dashboards within the SecurityCenter tool. Deploys NESSUS scanners and configure connection to SecurityCenter.
Works with system developers to generate and deploy new SecurityCenter audit files for system components. Assists system developers and system administrators implement the hardening associated with the generated audits.
Generates certification and accreditation (C&A) documentation and artifacts (ie. System Security Plans, Network Interface Planning Documents, etc.) For import / upload to the Xacta tool. Ensures that artifacts and data comply with customer and BIT Systems standards.
Develops, implements, and documents formal security programs and policies for systems and monitors compliance to these policies and programs. Enforce the design and implementation of trusted relations among external systems and architectures.
Applies system security engineering expertise in one or more of the following: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing.
Support security authorization activities in compliance with NSA/CSS Information System Certification and Accreditation Process (NISCAP) and DoD Information Assurance Certification and Accreditation Process (DIACAP) process, the NIST Risk Management Framework (RMF) process, and prescribed NSA/CSS business processes for security engineering
You’ll Bring These Qualifications:
Typically requires a Bachelor’s degree and 10 plus years of directly related experience.
Minimum of Four (10) years ISSE /System Engineering experience, or directly related.
Experience performing System Security in the NRO environment (working a system through the RMF process)
Experience with system integration and hardening in the NRO cloud environment
Experience with managing SecurityCenter / NESSUS
Experience generating automated security testing audit files based on DISA STIGs
Experience working with engineers and system administrators to correct scan findings / system vulnerabilities
Experience using the Xacta tool
Experience writing CTPs based on DISA STIGs
Experience executing CTPs for witness testing
Experience mitigating scan findings
Experience with network functions / maintaining network cut sheets / PPS sheets
Active TS/SCI with CI Polygraph
These Qualifications Would be Nice to Have:
A Bachelor’s degree in CS, EE, IS, or related
Previous System Administrator experience
Previous Configuration Management experience
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.