Information Systems Security Officer
Req #: 223571
Location: Washington, DC US
Job Category: Security
Minimum Security Clearance: None
The Information System Security Officer (ISSO) serves as the principal advisor on all matters, technical and otherwise, involving the security of an information system. ISSOs will be called on to provide guidance, oversight, and expertise, but they may or may not develop security documents or actually implement any security controls. While ISSOs will not actually perform all functions, they will have to coordinate, facilitate, or otherwise ensure certain activities are being performed. As a result, it is important for ISSOs to build relationships with the security officers, technical staff, and other stakeholders as described in this document. This position also collaborates to ensure that customers utilizing the DOJ CJIS capabilities are in compliance with all statutory and federal laws, as well as the policies set forth in the FBI CJIS Security Policy. The employee assigned to this position exercises independent judgment and initiative in the performance of assigned duties.
What You'll Get To Do:
* Provide Information System Security Officer (ISSO) support to ensure customer systems maintain their Authority to Operate (ATO) with a security posture in accordance with NIST SP 800-53A Rev4 guidance.
* Provide IT security assessment and IT security audit functions to ensure FISMA compliance
* Develop and maintain documentation in support of Certification & Accreditation (C&A)
* Ensure all C&A and system security documentation (Security Plan, Privacy Threshold Analysis, Privacy Impact Assessment, e-Authentication, FIPS-199, Business Impact Analysis, Continuity of Operations) is kept up to date or created when needed
* Ensure systems meet all security requirements mandated by DOJ and applicable DHS Management Directives
* Create, update and assess compliance of system Authority to Operate (ATO) packages
* Provide information security expertise to system development teams throughout the System Engineering Lifecycle process
* Ensure Plan of Action & Milestone (POA&M) and other compliance and vulnerability issues are remediated in a timely fashion
* Ensure proper access controls are implemented for both system access and physical access to data processing facilities
* Independently manage workload and provide guidance to less experienced staff
* Ensure program compliance with security taskers such as annual security compliance training
* Perform yearly assessment of Security core controls
* Track compliance with DOJ Vulnerabilities and Security Advisories
* Support program through system audits (FISMA, ISO, CJIS, etc.)
* Track AV compliance of systemEnters system documentation required in CSAM
* Advise DOJ CJIS Auditors on IT audits for CSA Customers and/or conduct DOJ CJIS IT Audits of CSA Customers
You'll Bring These Qualifications:
* Education: Typically requires B.S. degree in computer science, cyber security, or systems engineering, and minimum of 10 years of related experience in information security.
* Certification: CISSP
* Clearance Required: DOJ MBI must be obtainable.
* Experienced with creating System Security Plans, Privacy Threshold Analysis, Privacy Impact Assessments, e-Authentication, FIPS-199, Security Categorization Analysis, and Business Impact Analysis
* Demonstrated expertise in SELC, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security, activities related to Ongoing Authorization
* Knowledge of information security best practices, Enterprise Architecture
* Has extensive knowledge of CSAM
* There is no clearance requirement to begin employment. However, as a requirement of continued employment in this position you will be required to obtain a DOJ/MBI clearance.
These Qualifications Would Be Nice To Have:
* ISO 20000 / ISO 27000 experience
* Experience with Nessus Security Center, Splunk, FedRAMP, Data Centers, Tableau, AWS, and Virtualization strongly preferred.
* Experience with CJIS Security Policy and Law Enforcement
What We Can Offer You:
* We've been named a Best Place to Work by the Washington Post.
* Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
* We offer competitive benefits and learning and development opportunities.
* We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.
* For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.
CACI International is a provider of information solutions and services in support of national security missions and government transformation for intelligence, defense, and federal civilian customers.