Apply Now    

Sr. Cyber Security Lead

Req #: 244219
Location: Chantilly, VA US
Job Category: Security
Minimum Clearance Required: Secret

Job Description

We are looking for a Sr. Cyber Security Lead for an exciting program supporting the maintenance, reengineering, and integration of a set of Army financial management applications in an AWS cloud environment! This program is responsible for the maintenance and architecture of a cloud environment, including management of the family of financial management systems and the oversight of all information technologies and requirements for developing, administering, maintaining, and enhancing automated data and information systems that ensure efficient business operating processes.

This environment consists of multiple managed cloud environments (IaaS, PaaS) and numerous hosted data, applications, and processes that enable Army Planning, Programming and Budgeting (PPB) processes to develop the Army Future Years Defense Program. The cloud environment integrates multiple cloud services, commercial-off-the-shelf (COTS) applications, and custom applications storing data in multiple database engines including Oracle RDS, SQL Server RDS, Postgres, Mongo DB (IaaS), and RedShift, while serving more than 23,000 users. Applications exchange data with multiple other data systems and applications hosted in and out of the cloud. The environment performs a wide variety of automated validation routines, financial control enforcement, and produces outputs for submission to the Office of the Secretary of Defense (OSD).

The intent of the program is to maintain and enhance an IT service delivery model that offers consistency and predictability in client service levels within the cloud environment, improved accountability and efficiency, better cost management, and evolving the organization.

Position Description:

The Sr. Cyber Security Lead fills the DoD RMF role of Senior Information System Security Officer (S-ISSO) and performs integration of cybersecurity compliance (FISMA, RMF), cybersecurity operations, and systems development lifecycle (SDLC) security activities for all applicable environments and efforts. The Specialist provides support to all organization-wide information governance activities and ensures adherence to enterprise information security policies, standards and practices to achieve the required level of consistency, quality and protection to meet overall business needs. The Enterprise Security Specialist provides support in reviewing and editing existing Information Security Policies, procedures, and Standards.

The Sr. Cyber Security lead should have cybersecurity skill and expertise combined with knowledge of Agile application development and DevSecOps—demonstrating established experience with cloud platform services, DevOps practices such as build/release management, secure SDLC DevSecOps practices such as automating security processes in CI/CD pipelines, and general automation. This role must resolve problems, mitigate delays, disputes and escalate issues, requiring the ability to understand complex information, communicate the information to people with diverse professional backgrounds, provide recommendations to adapt and respond to dynamic cybersecurity landscape, and continually improve security processes and posture.

Responsibilities:

  • Conduct FISMA, RMF, and any other activities related to compliance with Federal Policies
  • Implement, assess, maintain, document and monitor all applicable RMF and CNSSI 1253 security controls for the cloud environment related eMASS records (Maintain eMASS records in NIPR and SIPR environment)
  • Ensure the secure operation and maintenance of the information systems to include configuration management (e.g. STIG compliance) within applicable environments
  • Maintain training currency / certifications with personnel’s professional certificates, DoD 8570 compliance, and any other training required for security tools utilized by the Army (e.g. network/vulnerability scanning, host-based security systems)
  • Implement and adjudicate static and dynamic code analysis, and when necessary provide manual code reviews to ensure known vulnerabilities or coding weaknesses are not introduced into the environments
  • Ensure compliance with Clinger-Cohen Act
  • Adopt new security frameworks as required

Minimum Qualifications:

  • Active DoD Secret Clearance
  • Undergraduate degree in computer science, information assurance/cybersecurity engineering, or mathematics from an accredited college or university
  • Minimum of 5 years of experience in enterprise information assurance/cybersecurity, cybersecurity operations, and federal cybersecurity compliance
  • Must be familiar with DoD Risk Management Framework
  • Understands NIST SP 800-53 and CNSSI 1253 security controls
  • Must be 8570 compliant DoD IAT Level III and IAM Level III with field related certifications from internationally recognized certification bodies with at least one cloud security certifications
  • Preference for an additional cloud platform specific (AWS) security certification


What We Can Offer You:

  • We’ve been named a Best Place to Work by the Washington Post.
  • Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
  • We offer competitive benefits and learning and development opportunities.
  • We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
  • For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.

Job Location

US-Chantilly-VA-VIRGINIA SUBURBAN


 

CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

Apply Now