Job Description: Veterans Benefits Management System (VBMS) Information Assurance (IA) and Assessment & Authorization (A&A) Support - Information Security Specialist. CACI is looking for an Information Assurance (IA) Systems Specialist in our Charleston, SC office. Duties and Responsibilities: Information Security Specialist will execute tasking in support of the Veterans Affairs (VA) Assessment & Authorization (A&A) process for the VBMS system. This role is focused on application and code security for a set of custom web applications and service endpoints. The position requires: - An understanding of J2EE, Spring Framework with Spring Security, AngularJS, and Maven in large, distributed enterprise environments, with working knowledge of additional programming languages such as Python, Ruby, or Bash. - An understanding of manually and dynamically reviewing source code in order to identify, verify, and make recommendations for remediation of security weaknesses in code. - An understanding of the following security concepts: Quantitative Risk Assessment; Software Vulnerabilities and Weaknesses; Web Application security; Threat Modeling to include awareness and analysis of emergent threats; Network and transport security. - A basic understanding of Service-Oriented Architectures to include web services, web applications, data models and information flow. - Significant written and verbal communication, including risk assessments, compliance analysis reports, executive summaries of cyber threats, formal and informational briefings to CACI and VA Enterprise Program Management Office (EPMO) professional staff. This will require collaboration with VBMS System Administrators, Architects and Developers on a regular basis. The position would prefer: - An understanding of application security tools commonly used by the US Government and VA such as HPE Fortify, Portswigger Burpsuite, Smartbear SoapUI, and other open source security applications as needed. - A familiarity of NIST RMF to ensure the integrity and on-time delivery of all phases of the VA A&A process from Categorize through Monitor, with a focus on aspects that entail application security. - An understanding of COTS products such as Apache Web Server, Weblogic Application Server, Oracle Database, Java Runtime Environments, Docker, JWT, ESXI, and IBM Rational Tools. Experience with Agile and/or Scrum environments is a plus. - Experience analyzing and documenting compliance with established NIST security policies and federal regulations. - Experience supporting secure change management by performing quantitative risk assessments for proposed changes to production systems. Required Qualifications: - This job requires the ability to act independently. Additionally, a qualified applicant will have a professional demeanor, good people skills, and the ability to excel in a multi-tasked and dynamic environment by prioritizing tasks and managing to a schedule. - 1-3 years related experience with Bachelor's Degree in Computer Science, Information Technology, Information Assurance, or Information Security, or 4+ years related experience without degree. Some experience in a team environment is desired - A relevant information security certification (e.g. Security+, CEH, or equivalent) or technical certification (e.g. CCNA, RHCA, MCSA or equivalent) is preferred, but not required. - US Citizenship and eligibility for a VA Moderate clearance is required for this position.