Cyber Security Engineer

Company: CACI International
Location: High Point
Posted on: March 16, 2023

Job Description:

Cyber Security Engineer Job Category: Engineering Time Type: Full time Minimum Clearance Required to Start: Secret Employee Type: Regular Percentage of Travel Required: Up to 25% Type of Travel: Outside Continental US What You'll Get to Do Information System Security Engineer (ISSE) is responsible for conducting information system security engineering activities, refines information security requirements and ensures its integration into information technology component products and information systems through purposeful security design, configuration, and continuous monitoring. More About the Role * Serve as the security engineer representative on system engineering teams for the design, development, implementation and/or integration of secure networking, computing, implementation and/or integration of IA architectures, systems, or system components and enclave environments and operations maintenance with system and network administration responsibilities. * Serve as the technical authority and SME on information security Risk Management Framework (RMF) for DoD, and NIST RMF accreditation testing and evaluation * Maintain, configure, and analyze network and host-based security platforms * Use command-line level activities to configure, troubleshoot, analyze, and navigate system level actions * Assign access level and/or privileges based on user's need to know * Enforce Enterprise level established security policies * Conduct vulnerability scanning and analysis of systems and tools * Formulate and implement security certification methods for projects/programs conforming to DoD and Federal Cyber Security requirements * Advise on best practices of design, development, and continuous monitoring of an information system. * Advise on vulnerability management and security scanning practices * Apply knowledge of Information Assurance policies, procedures, and workforce structures to design, develop, and implement secure networking, computing, and enclave environments * Support security planning, assessment, risk analysis, and risk management using the Risk Management Framework (RMF) in execution of the RMF processes including the completion of RMF process steps in eMASS, the development of RMF artifacts (Security Plan, POA&M, Continuous Monitoring Plan, Risk Assessment Report, etc.), and the implementation and assessment of Security Controls and Control Correlation Identifiers (CCIs) * Identify overall security requirements for the proper handling and protection of government data * Maintain and update relevant information system , process documentation, and develop ad-hoc reports as needed * Conduct briefings and provide metrics as required by executive management * Successfully manage time and technical responsibilities, set accurate expectations, and meet deliverable deadlines while working in a team and information sharing environment * Coordinate with ISSM/ISSO to update POA&M and reflect open vulnerabilities associated with operation Hardware and software baselines, develop remediation plans to include milestone completion dates and status updates, and include mitigation process for closed vulnerabilities * Participate in Configuration Control Board (CCB) * Keep informed of currently approved standards, codes, and procedures applied to cybersecurity specialty * Travel to other CACI Locations or Customer Sites as necessary * Understand and adhere to all CACI Ethical and Compliance policies * Proactively ensure a safe work environment and adhere to CACI EH&S policies and procedures * Perform other duties as required * If required, obtain/retain a government security clearance at the level required to perform the duties of the position You'll Bring These Qualifications * Current Active U.S. Department of Defense Secret Security Clearance * 5+ years of related experience * Working knowledge of VMWare Products * Working knowledge of current Cyber technologies and experience with NIST 800 Series and DoD 8570 regulations and governing DISA STIGs and/or SRGs * Understanding of Information Assurance Vulnerability Management (IAVM) and Information Assurance Vulnerability Assessments (IAVAs) * Prior experience with RMF controls, risk assessments, and POA&M generation * Strong working knowledge of Confidentiality, Integrity, and Availability (CIA) concepts, to include 2-factor authentication, Public Key encryption techniques, patch management, end-point security systems, intrusion detection, security event management and defense-in-depth. * Well versed in DoD cyber security Assessment and Authorizations (A&A) DoD Implementation, Directives, NIST Special Publications and other government cyber security standards, policies, and directives * Experience with Nessus, ACAS, SCAP * Experience completing and review DISA Security Technical Implementation Guides (STIGs) * Experience conducting risk analysis on products and system components through review of CVEs, plugins, IAVAs * Experience onboarding assets to centrally managed Enterprise solutions * Application Security Architecture and Design experience * Security Compliance Operations and Application Security Assessment experience * DoD 8570.01 IAT level 2 or greater cyber security certification per DoD 8570.01 (such as Security+) * Possess strong speaking, writing, and presentation skills, as well as the ability to persuade, inspire and lead through influence * Possess analytical and problem-solving skills necessary for quickly developing recommendations based on quantitative and qualitative data from many different types of sources These Qualifications Would Be Nice to Have * Prior ISSE experience with a Department of Defense (DoD) customer. * Additional cyber and/or IT certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or CompTIA's Advanced Security Practitioner (CASP) * Knowledge of risk assessment tools, technologies, and methods * Experience designing secure networks, systems, and application architectures * Experience planning, researching, and developing security policies, standards, and procedures * Ability to communicate network security issues to peers and customers * Proficient in Microsoft software applications and other software applications as required, including Microsoft SharePoint * Systems integration experience * Excellent interpersonal and presentation skills * Good oral and written communications skills What We Can Offer You * We've been named a Best Place to Work by the Washington Post. * Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. * We offer competitive benefits and learning and development opportunities. * We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities. * For over 60 years, the principles of CACI's unique, character-based culture have been the driving force behind our success. Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities. As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.

Keywords: CACI International, High Point , Cyber Security Engineer, Other , High Point, North Carolina