ISSM
Job Category: Security
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular-Long Term Assignment
Percentage of Travel Required: Up to 10%
Type of Travel: Local
CACI is looking for a qualified Information Systems Security Manager (ISSM) to support USAFRICOM.
Responsibilities of an ISSM include but are not limited to: develop and maintain a formal IS security program and policies for their assigned area of responsibility; provide technical and procedural Information System (IS) security advice to government and industrial teams.
The ISSM will work in environments with lean agile practices to establish enterprise-level safeguards such as computer and network systems security and cyber situational awareness, damage assessment and recovery, cyber threat recognition, attribution and mitigation, and active response methodologies across Enterprise Ground Services (EGS) in response to evolving threats and changes to the cyber environment.
Job Description
- Provide weekly reports on RMF Assessment and Accreditation (A&A) sustainment activities.
- Participate in RMF A&A related meetings and briefs, to include developing agendas, maintaining minutes and action item lists.
- Provide expert recommendations for Security Technical Implementation Guide (STIG) implementation and risk mitigation.
- Leading Assessment and Authorization (A&A) activities for DoD and Intelligence Systems in accordance with Risk Management Framework and ICD-503 guidelines.
- Supporting offensive architecture analysis and design of defense-in-depth solutions.
- Developing and assessing system security plans, including security concepts of operation, risk management matrix, security control traceability matrix, security test procedures, and plan of action and milestones.
- Analyzing static code scans and dynamic code scans to validate Application Security and Development STIG compliance.
- Leading and coordinating security test event teams to achieve accreditation milestones.
- Verifying and validating vulnerability resolutions and/or mitigations.
- Effectively communicate work plans, milestones (POAM), and obstacles to clients; able to communicate, explain, or defend ideas or information clearly. Listen to others and recognize potential miscommunications, offer clarity.
- Ability to effectively develop system security plans, procedures, and other security documentation.
- Resolve non-routine problems within area of assigned responsibility and direct complex problems, questions, or complaints to the Program Manager in a timely manner.
- Ability to analyze disparate data and produce a readable, understandable summary for the Program Manager, with recommendations for corrective action, as needed; evaluate effectiveness of applied security controls.
Requirements
- Active TS/SCI and U.S. Citizenship is required.
- High School/GED + 11 Yrs, or Associates + 9 Yrs, or Bachelors + 3 Yrs.
- DoD 8570 Certification (Security+ or equivalent required, CISSP highly desired).
- Experience with IAVMs, DISA STIGs, POA&Ms, and related Federal/DoD policies and regulations.
- Experience with the security authorization process including the review of system security documentation, i.e., System Security Plans (SSP), system boundary definition, systems security plan, configuration management plan, contingency plan, and interconnection security agreements (e.g., MOUs, ISAs).
- Demonstrated expertise in national Cybersecurity policies, DoD or Intelligence Community A&A processes and procedures and industry best practices on complex systems.
- Expertise in vulnerability assessment, control allocation and risk mitigation.
- Understanding of offensive and defensive security tactics, techniques and procedures.
- Experience with cloud architectures is a plus.
- Ability to negotiate effectively with higher level Government leads, managers, functional managers, customers, industry partners, and teammates.
- Demonstrated leadership skills (supervisory experience, building teams, building customer relationships).
- Strong interpersonal and mentoring skills, and the ability to effectively build and lead teams.
- Good planning and organizational skills, as well as strong oral and written communications skills.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, nat