CACI System Security Engineer - TTO6-06 POSITION SUMMARY: Company expert in monitoring, evaluating, and maintaining systems and procedures to protect the data systems and databases from unauthorized users. Identifies potential threats and responds to reported security violations. PROJECT ROLE: This System Security Engineer will provide support to the testing and auditing processes and procedure in support of the CASPORT project. Additionally the candidates will provide Information Assurance services including risk analysis and mitigation, certification and accreditation support, System Security Plan (SSP) document preparation, and system security continuous monitoring. Monitor, and maintain, accredited Enterprise service implementations. Assist the Government in the preparation and maintenance of System Security Plans (SSP). Facilitate new or modified data flows onto existing systems. Provide downgrade and sanitization services for software code and documentation. Provide software and system security documentation for accreditation, maintenance, and delivery. Duties and Responsibilities: - Evaluates new technologies for use within the organization and a client sites. Maintains an understanding of current threats, exploits, vulnerabilities, vectors for exploitations, perimeter and LAN defenses, countermeasures, and other software platforms. - Disseminates and ensures implementation of company policy, guidance, and training requirements. - Ensures all users meet the requisite favorable security investigations, clearances, authorization, need-to-know, and security responsibilities before granting access to the network/infrastructure. - Prepares, distributes, and maintains plans, instructions, and SOPs concerning system security. - Reviews and evaluates the effects on security of system changes, including interfaces with other infrastructures and document all changes. - Ensures system recovery processes are monitored and that security features and procedures are properly restored. - Maintains current software licenses and ensures security related documentation is current and accessible to properly authorized individuals. - Evaluates business objectives, derives the technical requirements and develops secure, reliable, efficient solutions for the business. - Publishes weekly significant actions and monthly summaries of detected activity and responses. - Collects and documents security requirements from internal groups in a presentable format. Engineers security solutions and standards based on requirements, best practices, and technical knowledge. - Develops network security design diagrams in appropriate software, composes standards documents, organizes and maintain security engineering internal website. - Performs proof of concept testing and validation of network security design. Reviews security configuration of firewall, VPN, routers, and IDS. Stays abreast of security trends and new technologies that will enhance current and future network security architectures. - Provides escalation support to security operations. Assists in educating users on security procedures. - May serve as a high level independent contributor or as a senior team lead.. EDUCATION & EXPERIENCE: Typically requires bachelor's degree or equivalent and 10 to 12 years of related experience. Minimum Required Skills/Experience - TS/SCI Clearance with polygraph - Bachelor's Degree or higher in computer engineering or in a field related to the computer engineering or computer science disciplines - 5 years Security Engineering experience. An additional 4+ years of Security Engineering experience may be substituted for the degree for a total of 9 years Critical Skills: - Experience with security accreditation of systems on multiple operating systems including CentOS and windows. - Experience with network monitoring tools and security scanners such as Nessus, Retina, Gold Disk, and Big Brother - Experience with network capture and monitoring tools such as Wireshark and NMAP Desired Skills: - Experience with databases to include Oracle - Experience with Networking and Communications technology to include Secure Shell Client, VMWare Infrastructure Client, Ethernet, PKI, TLS, SSH, FTP, TCP/IP, DNS, WINS, Integrated Dell Remote Access Controller (iDRAC), Remote LAN Management (RLM for NetApp), Remote Desktop Connection, Gateways, Internet, Intranet, LANs/WANs, NetBIOS, NFS, Norton Utilities, Routers PHYSICAL DEMANDS: Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.