The Opportunity:

CACI is seeking an Information System Security Officer (ISSO) who will oversee the cybersecurity posture of a mission-critical web-based application supporting an Intelligence Community customer, ensuring compliance with RMF, NIST 800-53, and other applicable government security requirements. This role is responsible for maintaining security documentation, supporting authorization activities, conducting risk and vulnerability assessments, managing access controls, monitoring security events, and responding to incidents within a classified environment. The ISSO will also collaborate with system administrators, developers, and government stakeholders to implement security controls, support continuous monitoring efforts, and integrate cybersecurity requirements throughout the system lifecycle.

Responsibilities:

• Develop, implement, and maintain the System Security Plan (SSP) and related authorization documentation for RM-Online, including continuous monitoring plans and incident response procedures.
• Conduct regular risk assessments, vulnerability scans, and security control assessments to identify and remediate threats to classified information handled by the system.
• Coordinate with ITD Lead on Certification and Accreditation (C&A) processes to achieve and sustain Authority to Operate (ATO) status on USG mission network.
• Manage user access controls, authentication mechanisms, and audit logging aligned with USG mission network protocols, ensuring least privilege and role-based access.
• Respond to security incidents, perform root cause analysis, and implement corrective actions within established timelines (e.g., 24-72 hours for critical incidents).
• Provide security awareness training to system users and maintain compliance with USG security standards, including handling of classified data.
• Support system updates, patches, and enhancements by evaluating their impact on security controls and integrating them without compromising the USG mission network environment.
• Design and implement technical security architectures for RM-Online, ensuring secure integration with the agency's existing USG mission network infrastructure, including network segmentation, encryption protocols, and access control mechanisms.
• Engineer and configure security controls (technical, operational, and management) as documented in the System Security Plan (SSP), ensuring alignment with NIST 800-53 baseline requirements and agency-specific security policies.
• Conduct security engineering assessments during system development, deployment, and modification phases, identifying vulnerabilities and recommending mitigations prior to operational deployment.
• Collaborate with development teams to incorporate security requirements into the Software Development Lifecycle (SDLC), including secure coding practices, threat modeling, and security testing (e.g., penetration testing, code reviews).
• Implement and maintain cryptographic solutions, Public Key Infrastructure (PKI), and encryption standards for data at rest and data in transit within the classified environment.
• Evaluate and integrate security patches, updates, and system changes, ensuring they do not introduce new vulnerabilities or degrade existing security posture.
• Support the Certification and Accreditation (C&A) process by providing technical documentation, security test results, and remediation plans to achieve and sustain Authority to Operate (ATO) on USG mission network.
• Monitor and analyze system logs, intrusion detection/prevention system (IDS/IPS) alerts, and security events to identify anomalies, investigate potential breaches, and recommend corrective actions.
• Deliver technical security training and knowledge transfer to system administrators and end users as required to maintain operational security awareness.

Qualifications:

Required: 

• Active TS/SCI clearance with CI Polygraph
• At least five (5) years of experience in information security roles, with specific expertise supporting classified networks
• Current CISSP, CISM, or equivalent cybersecurity certification
• Demonstrated knowledge of US Government cybersecurity frameworks and standards
• Hands-on experience with on-premise web-based applications in secure, virtualized environments

What You Can Expect:

 A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

An environment of trust.

CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

Pay Range:

There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

The proposed salary range for this position is: