CACI is seeking a Cyber Security Lead who will serve as the operation and maintenance lead for the Warrior Prep center (WPC) Assured Compliance Assessment Solution (ACAS) systems in Einsiedlerhof AS, Germany supporting the AFMS3 2.0 program.
AFAMS is the premier agency responsible for implementation, integration, and development of Modeling and Simulation (M&S) and training and analysis standards that support the US Air Force (USAF), Department of Defense (DoD), and mission partners requiring these capabilities to support the Warfighter in full-spectrum operations. In the current resource constrained environment, demand for M&S rises with the continuously evolving need for operational readiness and mission preparedness across the USAF, DoD, and with coalition partners. AFAMS focuses on providing innovative M&S services as the key to meeting this demand.
What You’ll Get to Do:
Conduct vulnerability scans and produce scan result reports monthly or as required after major network reconfiguration and sustain the accredited cybersecurity posture of the WPC’s domain enclaves.
Provide guidance and subject matter expertise on DoD and AF policies, instructions related to the C&A processes, AF Security, Interoperability, Supportability, Sustainability and Interoperability (SISSU) activities, DoD Enterprise Mission Assurance Support Service (eMASS) web based tool used to implement the DoD Information Assurance C&A Process, the AF Certification and Accreditation Process (AFCAP), and DoD’s Risk Management Framework (RMF).
Actively track and maintain each network’s cyber-vulnerability level and system compliance to applicable DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs).
Provide technical inputs for Cyber Vulnerability Management (CVM) and Risk Management Framework (RMF) Plans of Action and Milestones (POA&Ms) regarding remediation timelines or vulnerability mitigation to sufficient detail.
Troubleshoot and research problems with systems that do not provide a complete or fully-credentialed scan result until resolved.
Remediate vulnerabilities (e.g. install patches & updates) STIG/SRG configuration compliance actions on domain core services systems and workstations in coordination with and support of WPC Comm Support system administration personnel.
Maintain inventory of active hosts on the different networks and the corresponding basic inventory listings of software used in order to determine STIGs and/or SRGs that need to be applied.
Research proposed configuration updates/changes and apply a “patch-and-test” approach as appropriate to determine if a particular configuration update/change will have a detrimental effect on the WPC processes and mission in order to make a determination on application in the operational environment.
Perform hands-on validation of IA control implementation in M&S/LVC
You’ll Bring These Qualifications:
Active Secret security clearance.
MA/MS degree with 10+ years of experience. If the candidate does not have a degree an additional 6 year's experience can be substituted for a total of 16 year's experience.
DoD 8570.1 IAT Level II Certification required.
Microsoft Certified Solutions Expert: Server Infrastructure and/or Red Hat Certified System Administrator.
Experience with ACAS or Tenable Nessus vulnerability scanners.
These Qualifications Would be Nice to Have:
IAT Level III Certification i.e. CISSP.
What We Can Offer You:
- We’ve been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
- For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.