High Point, North Carolina, United States of America
Cyber Security Administrator
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: Up to 25%
Type of Travel: Outside Continental US
Cyber Security Administrator is responsible for conducting information system security engineering activities, refines information security requirements and ensures its integration into information technology component products and information systems through purposeful security design, configuration, and continuous monitoring.
Duties and Responsibilities:
Work with systems architects/engineers to develop EIPs encompassing all required security controls; analyze system requirements and ensure compliant security mechanisms are in place; begin development of compliant body of evidence; ensure all CSfC documentation/HW/SW is compliant with NSA/CDSE requirements.
Provide guidance and input on information security Risk Management Framework (RMF) for DoD, and NIST RMF accreditation testing and evaluation.
Maintain, configure, and analyze network and host-based security platforms.
Use command-line level activities to configure, troubleshoot, analyze, and navigate system level actions.
Assign access level and/or privileges based on user’s need to know.
Enforce Enterprise level established security policies.
Conduct vulnerability scanning and analysis of systems and tools.
Formulate and implement security certification methods for projects/programs conforming to DoD and Federal Cyber Security requirements.
Advise on best practices of design, development, and continuous monitoring of an information system.
Advise on vulnerability management and security scanning practices.
Apply knowledge of Information Assurance policies, procedures, and workforce structures to design, develop, and implement secure networking, computing, and enclave environments.
Support security planning, assessment, risk analysis, and risk management using the Risk Management Framework (RMF) in execution of the RMF processes including the completion of RMF process steps in eMASS, the development of RMF artifacts (Security Plan, POA&M, Continuous Monitoring Plan, Risk Assessment Report, etc.), and the implementation and assessment of Security Controls and Control Correlation Identifiers (CCIs)
Identify overall security requirements for the proper handling and protection of government data.
Maintain and update relevant information system , process documentation, and develop ad-hoc reports as needed.
Successfully manage time and technical responsibilities, set accurate expectations, and meet deliverable deadlines while working in a team and information sharing environment.
Coordinate with ISSM/ISSO to update POA&M and reflect open vulnerabilities associated with operation Hardware and software baselines, develop remediation plans to include milestone completion dates and status updates, and include mitigation process for closed vulnerabilities.
Keep informed of currently approved standards, codes, and procedures applied to cybersecurity specialty.
Travel to other CACI Locations or Customer Sites as necessary
Understand and adhere to all CACI Ethical and Compliance policies.
Proactively ensure a safe work environment and adhere to CACI EH&S policies and procedures.
Perform other duties as required.
If required, obtain/retain a government security clearance at the level required to perform the duties of the position.
Skills and Knowledge:
Current Active U.S. Department of Defense Secret Security Clearance
5+ years of related experience
Working knowledge of current Cyber technologies and experience with NIST 800 Series and DoD 8570 regulations and governing DISA STIGs and/or SRGs
Understanding of Information Assurance Vulnerability Management (IAVM) and Information Assurance Vulnerability Assessments (IAVAs)
Prior experience with RMF controls, risk assessments, and POA&M generation
Strong working knowledge of Confidentiality, Integrity, and Availability (CIA) concepts, to include 2-factor authentication, Public Key encryption techniques, patch management, end-point security systems, intrusion detection, security event management and defense-in-depth.
Well versed in DoD cyber security Assessment and Authorizations (A&A) DoD Implementation, Directives, NIST Special Publications and other government cyber security standards, policies, and directives
Experience with Nessus, ACAS, SCAP
Experience completing and review DISA Security Technical Implementation Guides (STIGs)
Experience conducting risk analysis on products and system components through review of CVEs, plugins, IAVAs.
Experience onboarding assets to centrally managed Enterprise solutions
Application Security Architecture and Design experience
Security Compliance Operations and Application Security Assessment experience
DoD 8570.01 IAT level 2 or greater cyber security certification per DoD 8570.01 (such as Security+)
Possess strong speaking, writing, and presentation skills, as well as the ability to persuade, inspire and lead through influence.
Possess analytical and problem-solving skills necessary for quickly developing recommendations based on quantitative and qualitative data from many different types of sources.
Prior ISSE experience with a Department of Defense (DoD) customer.
Additional cyber and/or IT certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or CompTIA’s Advanced Security Practitioner (CASP)
Knowledge of risk assessment tools, technologies, and methods
Experience designing secure networks, systems, and application architectures.
Experience planning, researching, and developing security policies, standards, and procedures.
Ability to communicate network security issues to peers and customers.
Proficient in Microsoft software applications and other software applications as required, including Microsoft SharePoint
Systems integration experience
Excellent interpersonal and presentation skills
Good oral and written communications skills
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.
CACI / Equal Opportunity Employer / JBCAC 285613
Secret, CLZSS, SKINT, SKCYB, JBCACI SKUUU, NC_HIGH POINT NC_NORTHCAROLINA ZC28543