CACI’s Agile Solution Factory (ASF) is looking for a Cybersecurity Specialist with experience working in an Agile environment, capturing, analyzing, and managing functional and non-functional cybersecurity requirements. Join this passionate team of industry-leading individuals supporting the Best Practices in Agile Software Development for the Department of Defense.
ASF programs thrive in a culture of innovation and are constantly seeking individuals who can bring creative ideas to solve complex problems, both technical and procedural at the team and portfolio levels. The ability to be adaptable and to work constructively with a technically diverse and geographically separated team is crucial.
The individual must possess network security skills and a technical understanding of cybersecurity best practices including Risk Management Frameworks (RMF), to provide secure and reliable hardware and software solutions. Agile Scrum delivery skills and project facilitation experience are also required, including meeting with stakeholders to identify and agree upon requirements, decomposing those requirements into user stories and then clearly communicating those requirements to the cybersecurity and/or development teams. They must also have a working knowledge of enterprise class information assurance requirements, network security and survivability, and validation of application development code in a DevSecOps pipeline.
Other responsibilities include:
Facilitating sprint planning, retrospective and demos. Remove team impediments, constraints, and ensure cross-team coordination
Support cybersecurity operation leads in coordination with the DevSecOps team to ensure continued support and maintenance of the cybersecurity tool suite.
Managing cybersecurity product releases and dependencies across various teams and third parties
Ensuring compliance with the ASF Agile methodology, Cybersecurity Program strategy and cybersecurity industry best practices
Development and Maintenance of cybersecurity portfolio, product team and ATO roadmaps
Support development of DoD RMF Security Implementation Plan and schedule.
Assisting with the tracking of cyber metrics and contractual Service Level Agreements (SLAs)
Implementing and validating Security Technical Implementation Guide (STIG) requirements
Assisting developers with static code analysis
Utilizing tools such as Python, PowerShell, Docker, Pentest-tools, scripting XP
Validating and verifying security patch and software control statuses
Applying patches and security settings, performance incident handling and remediation
Knowledge of National/DoD/Army Directive security policies including, but not limited to, DODI 8500.01, DODI 8510.01, NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171, AR 25-2, and AR 380-5
Demonstrated experience with the Department of Defense (DOD) Risk Management Framework (RMF) Assess and Authorize (A&A) Process for development and sustainment projects