Job Requisition Number: 104990
Category: Information Systems - Security
Primary Location: Springfield, VA, US
Security Clearance: TS/SCI
Clearance Status: Must be Current
Schedule: Full Time
Type of Travel: Continental US
Percent of Travel Required: Up to 10%
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. Join CACI, where you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian clients. A member of the Fortune 1000 Largest Companies and the Russell 2000 Index, CACI provides dynamic careers for approximately 15,000 employees working in over 120 offices worldwide.
Duties and Responsibilities:
Provide support to collect metrics across Agency in support of Federal laws, as well as IC and DoD requirements including FISMA, ICD 503, and Key Information Sharing and Safeguarding Indicators (KISSI). The candidate shall coordinate, evaluate and provide recommendations concerning NGA compliance with National, Intelligence Community, Department of Defense, and Congressional information assurance mandates, such as FISMA. Tasks include the following:
o Work across CS Divisions to submit, respond, and compile Directors Action Committee taskers.
o Prepare and provide periodic status briefings on network and systems assessment progress, findings, and remediation efforts.
o Prepare and gather information to provide FISMA annual report for the Agency.
o Gather information, prepare and provide FISMA quarterly updates for the Agency.
o Support the management of the external FISMA program, to include planning, scheduling, tracking final reports and other assigned duties.
o Gather information, prepare, and provide the Joint Forces Readiness Review (JFRR) reports (quarterly or as required by DoD).
o Prepare Computer Network Defense reports (annually or as required by DoD) for submission to DoD.
o Prepare and monitor project/program schedules for assigned activities and as needed for effective activity management.
o Prepare Monthly IA metrics reports (as transition to constant monitoring) and provide to government PM.
o Document meeting minutes and briefings for assigned activities and as needed for effective activity management.
o Assist with the semi-annual updates of IA strategic plan, implementation plan, budget and NGA's IA policies and instructions.
o Assist in leading, supporting, and/or facilitating Agency-level, Directorate-level, Office-level, and Division-level security assessments of NGA's information systems and networks, and remediation of IA vulnerabilities identified as a result of those assessments.
o Assist in leading, supporting, and/or facilitating Agency-level, Directorate-level, Office-level, and Division-level security assessments of NGA's overall enterprise security posture, and mitigation of IA findings and risks identified as a result of those assessments.
o Provide support to NGA's IA Program including development, collection, assessment, and reporting of IA metrics; development, implementation and maintenance of Agency-level information assurance plans and documents; and development, implementation, and execution of Agency- or Office- level IA special programs or projects as required.
o Assist in managing NGA's Information Assurance Workforce Improvement Program (IAWIP) including supporting contractor and government personnel certification efforts and NGA compliance reporting (DoD 8570 requirements).
o Provide support for Division-level activities including but not limited to Web-site maintenance; tracking of official tasker responses; budget planning/reporting and development of planning, reporting and archiving documents.
o Support NGA's IA outreach, collaboration, and communication activities with entities outside of the Agency by representing NGA at Intelligence Community, DoD, and other government meetings, briefings, and conferences.
o Ensure task activities and solutions are collaborated, coordinated, and/or approved as appropriate throughout the NGA enterprise as well as with other government and industry organizations, as required.
o Support full access for the periodic Independent Verification and Validation (IV&V) process including Configuration Management (CM) and documentation audits for tracking and resolution of findings for the DoD Computer Network Defense (CND) Service Provider.
Requires a Masters degree and 10 years of directly related experience, or a Bachelors degree and 12 years of directly related experience.
- Knowledge and experience in security disciplines including, but not limited to, information systems security, operations security, administrative security, personnel security, physical security and communications security.
- Knowledge of DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-55, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37, and security controls assessment criteria/procedures
- Knowledge and experience of information systems security policies and practices, computer science, state-of-the-art security tools and applications, and a thorough knowledge of IT
- Knowledge of DoD/IC system security control requirements
- Knowledge of the capabilities and functionality associated with various technologies for organizing and managing information (e.g., databases, bookmarking engines)
- Knowledge of the capabilities and functionality of various collaborative technologies (e.g., groupware, SharePoint)
- Knowledge of the principal methods, procedures, and techniques of gathering information and producing, reporting, metrics development, and sharing intelligence
- Knowledge of the organization's core business/mission processes
- Knowledge of Personally Identifiable Information (PII) data security standards and security controls
- Skill in conducting information searches and analytical research and analysis
- Skill in conducting knowledge mapping (i.e., map of knowledge repositories)
- Skill in using knowledge management technologies
- Ability to match the appropriate knowledge repository technology for a given application or environment
- Minimum of 10 years' experience in systems engineering or requirements analysis as applied to the cybersecurity, information assurance or related field; candidate must have experience with application of security controls to information systems.
TS/SCI . DOD 8570 IAT/IAM Level III certification within 4 months of start. CISSP preferred.
Experience with XACTA, Microsoft Office Suite products and briefing senior leadership.
CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.
About CACI International Inc
CACI International Inc (CACI) along with its wholly owned subsidiaries and joint ventures, is an international information systems, high technology services, and professional services corporation. It delivers professional services and information technology solutions to its clients, primarily the United States government. Other customers include state and local governments, commercial enterprises and agencies of foreign governments. The Company operates two units: domestic operations and international operations. CACI delivers professional services and information technology (IT) solutions to its clients. Its services are primarily targeted to the areas of defense, intelligence, homeland security and IT modernization. In February 2010, the Company announced that it has completed its transaction to acquire SystemWare, Inc.