CACI International

Senior Information System Security Officer

CACI International$105K — $231K *
Information Technology
11 - 15 years of experience
Job Overview by Ladders

Qualifications

  • U.S. Citizenship required
  • FEMA End of Day suitability or current DHS/FEMA End of Day preferred
  • BS/BA with 15 years of applicable experience in information security
  • One of the following IAT Level III qualifications: CISSP, CISM, or CASP+
  • 10+ years of experience in information security
  • Expertise in RMF, Information Security processes, audits, tools, and implementation
  • Experience developing System Security Plans, POA&Ms, and Configuration Management Plans

Responsibilities

  • Execute complete RMF activities for ATO decisions including system categorization and security control selection
  • Develop and maintain System Security Plans (SSPs) and Configuration Management Plans
  • Conduct Security Impact Analyses and approve Change Requests
  • Develop and test Contingency Plans and Incident Response Plans
  • Perform Risk Assessments and annual security assessments
  • Advise system owners on cybersecurity matters and develop remediation work plans
  • Maintain Hardware and Software Inventory Lists and conduct FISMA Scorecard Analysis

Benefits

  • Healthcare benefits
  • Wellness programs
  • Financial benefits
  • Retirement plans
  • Family support services
  • Continuing education opportunities
  • Generous time off policies
Full Job Description
Job Title: Senior Information System Security Officer

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: None

Employee Type: Regular

Percentage of Travel Required: None

Type of Travel: None

* * *


The Opportunity:

CACI is searching for a Senior Information System Security Officer (Senior ISSO) to support the FEMA Office of the Chief Information Security Officer (OCISO) in Washington, D.C. As a Senior Information System Security Officer, you will play a crucial role in ensuring the security and compliance of FEMA's information systems. You will work in a dynamic environment, collaborating with IT system owners, stakeholders, and cybersecurity professionals to implement and maintain robust security controls. Your efforts will directly contribute to safeguarding FEMA's mission-critical systems and data. The Senior ISSO will serve as the single point of contact for the Cybersecurity Division on all systems security matters, leading cybersecurity engineering efforts for assigned Program Management Organizations with direct support to the Compliance Branch Lead. This includes spearheading systems' ATO efforts and maintaining a security posture in compliance with FISMA, DHS 4300 Series, NIST, and DHS and Component Directives. The Senior ISSO will execute complete Risk Management Framework (RMF) activities for Authority to Operate (ATO) decisions and ensure all security documentation is kept up to date.


Responsibilities:

The Senior ISSO will execute complete Risk Management Framework (RMF) activities for Authority to Operate (ATO) decisions including system categorization, security control selection and implementation, self-assessments, POA&M development, and continuous monitoring. This position requires developing and maintaining System Security Plans (SSPs) including control baselines, inheritance, Business Impact Analyses, implementation statements, technical and system descriptions, and hardware and software inventories. The Senior ISSO will create and maintain Configuration Management Plans, conduct Security Impact Analyses, approve Change Requests, and test configuration changes. Responsibilities include developing and testing Contingency Plans and Incident Response Plans to ensure business continuity, as well as conducting Risk Assessments, annual security assessments, and vulnerability assessments across assigned systems. The position involves developing security architecture designs, requirement traceability matrices, and authorization boundary diagrams while advising system owners and senior executives on all cybersecurity matters and developing remediation work plans for audit findings. The Senior ISSO will maintain Hardware and Software Inventory Lists and conduct FISMA Scorecard Analysis on a daily basis. Critical deliverables include preparing Security Test Plans 90 days prior to testing and Security Test Reports within 15 days after testing, generating Risk Assessment Reports within 0 to 15 days after analysis completion, and producing Weekly Activity Reports and Monthly Program Reports to track progress and compliance. The Senior ISSO will ensure proper access controls are implemented for both system access and physical access to data processing facilities, track and suggest technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access, and research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and network and device security and encryption.


Qualifications:


Required: 

- U.S. Citizenship required  

- FEMA EOD suitability or Current DHS or FEMA EOD preferred

- BS/BA + 15 years of applicable experience in information security  

- Must have one of the following Information Assurance Technician (IAT) Level III qualifications:

  - Certified Information System Security Professional (CISSP)

  - Certified Information Security Manager (CISM)

  - CompTIA Advanced Security Practitioner (CASP+)

- 10+ years of experience in information security  

- Demonstrated expertise in RMF, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security

- Experience developing System Security Plans, POA&Ms, and Configuration Management Plans

- Knowledge of NIST SP 800-37, NIST SP 800-53, and DHS 4300 Series requirements



Desired:

- Active Secret security clearance

- Previous DHS or DoD experience

- Experience with CSAM, RegScale, eMASS, or similar GRC tools

- Experience supporting emergency operations or disaster response missions

- Knowledge of cloud security and FedRAMP authorization processes

- Experience with continuous monitoring and automated security tools

- Strong communication skills for presenting to senior leadership

-


Pay Range:

There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

Since this position can be worked in more than one location, the range shown is the national average for the position.

The proposed salary range for this position is:

$105,100-$231,100

About CACI International

CACI International Inc is a multinational professional services and information technology company. It provides services to many branches of the federal government including defense, homeland security, intelligence, and healthcare. CACI has approximately 23,000 employees worldwide. The company's mission is to provide enterprise and mission technology services and solutions that best fit the needs of its customers. CACI has been named a Fortune World's Most Admired Company, a Washington Post Top Workplace, and a Forbes Best Employer for Diversity.
Learn more about CACI International
Size
22,000 employees
Market Cap
$7.1 billion
Industry
Net Income
$374.4 million
Founded
1962
5 Year Trend
+7.3%
Revenue
$5.8 billion
NASDAQ

Similar Jobs

More Jobs at CACI International

More Information Technology Jobs

Find similar Senior Information System Security Officer jobs: