CACI International

Senior Information System Security Officer

CACI International$105K — $231K *
Information Technology
11 - 15 years of experience
Job Overview by Ladders

Qualifications

  • U.S. Citizenship and Active Top Secret security clearance required
  • FEMA EOD suitability or Current DHS or FEMA EOD preferred
  • Bachelor's degree plus 15 years of relevant experience in information security
  • One of the following qualifications: CISSP, CISM, or CompTIA CASP+
  • 10+ years' experience in information security and demonstrated expertise in RMF, audits, and IT security
  • Experience in developing System Security Plans, POA&Ms, and Configuration Management Plans
  • Knowledge of NIST 800-37, NIST 800-53, and DHS 4300 Series requirements

Responsibilities

  • Execute complete RMF activities for ATO decisions including system categorization and continuous monitoring
  • Develop and maintain System Security Plans (SSPs) with control baselines and technical descriptions
  • Create and maintain Configuration Management Plans and conduct Security Impact Analyses
  • Develop and test Contingency Plans and Incident Response Plans for business continuity
  • Conduct Risk Assessments and annual security assessments across assigned systems
  • Advise system owners and senior executives on cybersecurity matters and develop remediation plans
  • Ensure proper access controls for system and physical access and track recommended protection technologies

Benefits

  • Comprehensive healthcare and wellness programs
  • Competitive retirement and financial benefits
  • Family support and continuing education opportunities
  • Flexible working environment for work-life balance
  • Time off benefits to support personal well-being
Full Job Description
Job Title: Senior Information System Security Officer

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: Top Secret

Employee Type: Regular

Percentage of Travel Required: None

Type of Travel: None

* * *


The Opportunity:

CACI is searching for a Senior Information System Security Officer (Senior ISSO) to support the FEMA Office of the Chief Information Security Officer (OCISO) in Washington, D.C. As a Senior Information System Security Officer, you will play a crucial role in ensuring the security and compliance of FEMA's information systems. You will work in a dynamic environment, collaborating with IT system owners, stakeholders, and cybersecurity professionals to implement and maintain robust security controls. Your efforts will directly contribute to safeguarding FEMA's mission-critical systems and data. The Senior ISSO will serve as the single point of contact for the Cybersecurity Division on all systems security matters, leading cybersecurity engineering efforts for assigned Program Management Organizations with direct support to the Compliance Branch Lead. This includes spearheading systems' ATO efforts and maintaining a security posture in compliance with FISMA, DHS 4300 Series, NIST, and DHS and Component Directives. The Senior ISSO will execute complete Risk Management Framework (RMF) activities for Authority to Operate (ATO) decisions and ensure all security documentation is kept up to date.


Responsibilities:

The Senior ISSO will execute complete Risk Management Framework (RMF) activities for Authority to Operate (ATO) decisions including system categorization, security control selection and implementation, self-assessments, POA&M development, and continuous monitoring. This position requires developing and maintaining System Security Plans (SSPs) including control baselines, inheritance, Business Impact Analyses, implementation statements, technical and system descriptions, and hardware and software inventories. The Senior ISSO will create and maintain Configuration Management Plans, conduct Security Impact Analyses, approve Change Requests, and test configuration changes. Responsibilities include developing and testing Contingency Plans and Incident Response Plans to ensure business continuity, as well as conducting Risk Assessments, annual security assessments, and vulnerability assessments across assigned systems. The position involves developing security architecture designs, requirement traceability matrices, and authorization boundary diagrams while advising system owners and senior executives on all cybersecurity matters and developing remediation work plans for audit findings. The Senior ISSO will maintain Hardware and Software Inventory Lists and conduct FISMA Scorecard Analysis on a daily basis. Critical deliverables include preparing Security Test Plans 90 days prior to testing and Security Test Reports within 15 days after testing, generating Risk Assessment Reports within 0 to 15 days after analysis completion, and producing Weekly Activity Reports and Monthly Program Reports to track progress and compliance. The Senior ISSO will ensure proper access controls are implemented for both system access and physical access to data processing facilities, track and suggest technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access, and research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and network and device security and encryption.


Qualifications:


Required: 

- U.S. Citizenship required  

- Active Top Secret security clearance required  

- FEMA EOD suitability or Current DHS or FEMA EOD preferred

- BS/BA + 15 years of applicable experience in information security  

- Must have one of the following Information Assurance Technician (IAT) Level III qualifications:

  - Certified Information System Security Professional (CISSP)

  - Certified Information Security Manager (CISM)

  - CompTIA Advanced Security Practitioner (CASP+)

- 10+ years of experience in information security  

- Demonstrated expertise in RMF, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security

- Experience developing System Security Plans, POA&Ms, and Configuration Management Plans

- Knowledge of NIST SP 800-37, NIST SP 800-53, and DHS 4300 Series requirements



Desired:

- Previous DHS or DoD experience

- Experience with CSAM, RegScale, eMASS, or similar GRC tools

- Experience supporting emergency operations or disaster response missions

- Knowledge of cloud security and FedRAMP authorization processes

- Experience with continuous monitoring and automated security tools

- Strong communication skills for presenting to senior leadership


Pay Range:

There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

Since this position can be worked in more than one location, the range shown is the national average for the position.

The proposed salary range for this position is:

$105,100-$231,100

About CACI International

CACI International Inc is a multinational professional services and information technology company. It provides services to many branches of the federal government including defense, homeland security, intelligence, and healthcare. CACI has approximately 23,000 employees worldwide. The company's mission is to provide enterprise and mission technology services and solutions that best fit the needs of its customers. CACI has been named a Fortune World's Most Admired Company, a Washington Post Top Workplace, and a Forbes Best Employer for Diversity.
Learn more about CACI International
Size
22,000 employees
Market Cap
$7.1 billion
Industry
Net Income
$374.4 million
Founded
1962
5 Year Trend
+7.3%
Revenue
$5.8 billion
NASDAQ

Similar Jobs

More Jobs at CACI International

More Information Technology Jobs

Find similar Senior Information System Security Officer jobs: