Job Title: Security Control Assessor
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Local
Key Responsibilities:
- Innovate and Lead: Develop and execute innovative processes, standards, and operational plans through research and the integration of best practices. Serve as a subject matter expert and a mid-senior representative for your team.
- Team Mentorship: Provide guidance, coaching, and training to your team, fostering a culture of continuous learning and improvement.
- USCG Collaboration: Deliver tailored documentation to support the United States Coast Guard's security authorization processes.
- Risk Management: Act as an independent assessor for the Risk Management Framework (RMF) Steps 0 to 7. Plan and conduct security control assessments for various information systems.
- Assessment and Reporting: Develop and maintain assessment procedures aligned with NIST guidelines. Analyze security control effectiveness, identify vulnerabilities, and prepare detailed Security Assessment Reports (SARs).
- Stakeholder Collaboration: Work closely with system owners, ISSOs, and other stakeholders to ensure seamless assessment processes.
- Remediation and Follow-Up: Verify the implementation of remediation actions and conduct follow-up assessments as needed.
- Expert Advice: Provide expert advice on System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms).
- Stay Ahead: Keep abreast of evolving cybersecurity threats, technologies, and best practices to ensure our defenses remain robust.
Qualifications:
Required:
- Active DoD Secret clearance
- University Degree (BA/BS) or equivalent experience and 7+ years of related work experience
- 4+ years' experience with systems in a Cloud environment and relevant technologies
- One of the DOD 8750 IAT II certifications (e.g., CCNA Security, CySA+, GICSP, GSEC, Security + CE, CND, or SSCP)
- CSSP-AU certification (must obtain within 60 days of employment)
- Demonstrated experience assessing RMF Step 4 and performing continuous monitoring
- Intimate understanding of NIST RMF implementation guidance
- Hands-on experience with eMASS or similar Information Assurance tools
- Well-developed understanding of Federal Civilian or DHS Security Assessment and Authorization (SA&A) processes
- In-depth knowledge of NIST Security Controls and Control Implementation methodologies
- Experience analyzing vulnerability scans and STIG implementations
- Ability to understand and support Privacy Compliance Activities
Desired:
- Advanced industry standard Security Certifications
- Navy Qualified Validator (NQV)
- Hands-on experience with setting up or validating/assessing Cloud Systems
Pay Range:
There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits, and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
The proposed salary range for this position is:
$86,600 - $181,800