5 months ago
Lead Cybersecurity Engineer
Req #: 219031
Location: Lexington Park, MD US
Job Category: Information Technology
Minimum Security Clearance: Secret
CACI is seeking a Lead Cybersecurity Engineer in Lexington Park, MD who will be the leader in the RMF process as well as the design, development, implementation, and/or integration of a DoD Cybersecurity architecture, system, or system component for use within C5ISR systems. This may include support for program of record systems and special purpose environments with platform IT interconnectivity. Your expertise will ensure that the architecture and design of DoD IS are functional and secure.
What You’ll Get to Do:
* Serve as the Lead Cybersecurity Engineer with RMF experience who has deep expertise in security assessment documentation to support DoD systems and efforts to achieve their Authorization to Operate (ATO). The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.
* Support systems from the perspective RMF requirements.
* Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades.
* Maintain responsibility for managing cybersecurity risk from an organizational perspective.
* Prepare and review documentation, including Systems Security Plans (SSPs), risk assessment reports, certification and accreditation (C&A) packages, and plan of actions and milestones (POA&M).
* Prepare system security plan (SSP) in accordance with the applicable governing directive for systems and ensure all networks are maintained respective to SSPs.
* Review and validate security documentation to ensure necessary security controls are in place and operating as intended.
* Review and maintain vulnerability scanning tool compliance and reporting to ensure compliance with all applicable directives. Stay informed of any changes to security policies and landscape and ensure that any training or other activities are undertaken to maintain security posture and compliance.
* Update documentation and specifications of compliance requirements and control inheritance across system products and components.
* Manage the cybersecurity team.
* Provide cybersecurity analysis, with a focus on Assessment and Authorization (A&A), under the implementation of the Risk Management Framework (RMF).
* In-depth reviewing of authorization packages and artifacts in the Enterprise Mission Assurance Support Service (eMASS) at RMF Steps 1, 2, and 5.
* Track authorization to operate (ATO) statuses and authorizations with conditions, of the MSC Business Systems.
* Draft and review cybersecurity policy documents that affect the MSC Business systems.
* Run and/or support A&A meetings and other working groups.
* Review completed Assured Compliance Assessment Solution (ACAS) scans and Security Technical Implementation Guide (STIG) checklists submitted for RMF Step 5 Checkpoint and modification request package submissions.
* Validate all findings from raw scans are documented.
* Analyze vulnerabilities in raw scans and determine if documented mitigations are appropriate.
* Ensure all manual reviews are completed in STIG checklists, and that any not applicable (N/A) statements are appropriate.
* Make determinations if there are risk posture changes when system modifications are requested for authorized systems.
You’ll Bring These Qualifications:
* Active Secret Clearance.
* A Minimum of five (10) years’ experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.
* eMASS experience.
* Experience putting together and/or reviewing Ports, Protocols, and Services (PPS).
* Experience reviewing network topology diagrams and system architecture.
* Experience reviewing Assured Compliance Assessment Solution (ACAS) scans or other vulnerability scans (performing scans and hands on experience preferred).
* Experience reviewing DISA Security Technical Implementation Guide (STIGs) (applying STIGs and hands on experience preferred).
* Completed training in eMASS, however preferably hands on experience with categorizing information types, tailoring with CNSSI 1253/NIST SP 800-53 rev 4 security controls, managing artifacts and building or reviewing packages in eMASS.
These Qualifications Would be Nice to Have:
* CISSP, CASP, or similar certificate is preferred.
* GIAC Certified Penetration Tester (GPEN).
* GIAC Certified Incident Handler (GCIH).
* Certified Ethical Hacker (CEH).
* Offensive Security Certified Expert (OSCE).
* Offensive Security Certified Professional (OSCP).
* CompTIA Security+ CE.
* CCNA Security, CySA+, GICSP, GSEC, SSCP , and other security certs.
What We Can Offer You:
- We’ve been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
- For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
US-Lexington Park-MD-MARYLAND SUBURBAN
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.