CACI International - Alexandria, VA
posted 5 months ago
CACI is seeking an Information Systems Security Manager (ISSM) cyber security professional to join our team supporting a Department of Defense (DoD) client. In this role, you will be the Cyber Security and Security Technical Implementation Guidelines (STIG) subject matter expert. As a valued member of the team, you will work with the team to ensure that any network or application within the client's purview desiring connectivity to the client's cloud computing environment meets all security requirements and specifications according to DoD Instruction 8510.01, Department of Defense Risk Management Framework (RMF). You will manage extensive security evaluations of information systems and networks and the remediation of security control weaknesses, prepare evaluation reports, and present recommendations. Additionally, you will conduct trade-off analyses of products for clients to determine optimal information security solutions and maintain a high level of familiarity with the major Federal Government Information Security policy guidance and directives. Your responsibilities will also include performing physical security tasks in accordance with DoD 5200.1-R, Information Security Program Regulation; Administrative Instruction 26, Information Security Supplement to DoD 5200.1-R; and Executive Order 12958 (as amended). You will provide ongoing security training to the client's on-site personnel and ensure the physical environment of the computers and their terminals is properly secured and meets all Operation Security (OPSEC) requirements. Conducting structured walk-throughs based on Continuity of Operations Plans to ensure integrity of the network's ability to reconstitute normal system functions, including reinstallation of applications after a catastrophic failure, will also be part of your role.
You will coordinate Assess and Authorize (A&A), Configuration Management (CM), and Release Management requirements for the client's systems in accordance with DoD Instruction 8510.01 RMF. It is essential to ensure each network or system is operated, maintained, and disposed of in accordance with DoD security policies and practices and the System Security Plan. You will also need to ensure application, system, environment, or organizational changes do not adversely affect the security posture of the system security compliance and assessment. Furthermore, you will determine the extent to which a system change may affect the security posture of either the information system or the computing environment and ensure the implementation of such changes is documented in the Enterprise Mission Assurance Support Service (eMASS), System Security Plans, and site operating procedures.