Job Requirements
Washington, DC
Secret Polygraph Unspecified
Career Level not specified
$105,100 - $231,100
Job Description
Job Title: Senior Information System Security Officer
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: Secret
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Local
* * *
The Opportunity:
CACI is searching for a Senior Information System Security Officer (Senior ISSO) to support the FEMA Office of the Chief Information Security Officer (OCISO) in Washington, D.C. As a Senior Information System Security Officer, you will play a crucial role in ensuring the security and compliance of FEMA's information systems. You will work in a dynamic environment, collaborating with IT system owners, stakeholders, and cybersecurity professionals to implement and maintain robust security controls. Your efforts will directly contribute to safeguarding FEMA's mission-critical systems and data. The Senior ISSO will serve as the single point of contact for the Cybersecurity Division on all systems security matters, leading cybersecurity engineering efforts for assigned Program Management Organizations with direct support to the Compliance Branch Lead. This includes spearheading systems' ATO efforts and maintaining a security posture in compliance with FISMA, DHS 4300 Series, NIST, and DHS and Component Directives. The Senior ISSO will execute complete Risk Management Framework (RMF) activities for Authority to Operate (ATO) decisions and ensure all security documentation is kept up to date.
Responsibilities:
The Senior ISSO will execute complete Risk Management Framework (RMF) activities for Authority to Operate (ATO) decisions including system categorization, security control selection and implementation, self-assessments, POA&M development, and continuous monitoring. This position requires developing and maintaining System Security Plans (SSPs) including control baselines, inheritance, Business Impact Analyses, implementation statements, technical and system descriptions, and hardware and software inventories. The Senior ISSO will create and maintain Configuration Management Plans, conduct Security Impact Analyses, approve Change Requests, and test configuration changes. Responsibilities include developing and testing Contingency Plans and Incident Response Plans to ensure business continuity, as well as conducting Risk Assessments, annual security assessments, and vulnerability assessments across assigned systems. The position involves developing security architecture designs, requirement traceability matrices, and authorization boundary diagrams while advising system owners and senior executives on all cybersecurity matters and developing remediation work plans for audit findings. The Senior ISSO will maintain Hardware and Software Inventory Lists and conduct FISMA Scorecard Analysis on a daily basis. Critical deliverables include preparing Security Test Plans 90 days prior to testing and Security Test Reports within 15 days after testing, generating Risk Assessment Reports within 0 to 15 days after analysis completion, and producing Weekly Activity Reports and Monthly Program Reports to track progress and compliance. 
The Senior ISSO will ensure proper access controls are implemented for both system access and physical access to data processing facilities, track and suggest technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access, and research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and network and device security and encryption.
Qualifications:
Required:
- U.S. Citizenship required
- Active Secret security clearance required
- FEMA EOD suitability or Current DHS or FEMA EOD preferred
- BS/BA + 15 years of applicable experience in information security
- Must have one of the following Information Assurance Technician (IAT) Level III qualifications:
  - Certified Information System Security Professional (CISSP)
  - Certified Information Security Manager (CISM)
  - CompTIA Advanced Security Practitioner (CASP+)
- 10+ years of experience in information security
- Demonstrated expertise in RMF, Information Security processes, audits, tools, implementation, FISMA, NIST, IT security
- Experience developing System Security Plans, POA&Ms, and Configuration Management Plans
- Knowledge of NIST SP 800-37, NIST SP 800-53, and DHS 4300 Series requirements
Desired:
- Previous DHS or DoD experience
- Experience with CSAM, RegScale, eMASS, or similar GRC tools
- Experience supporting emergency operations or disaster response missions
- Knowledge of cloud security and FedRAMP authorization processes
- Experience with continuous monitoring and automated security tools
- Strong communication skills for presenting to senior leadership
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation.
An environment of trust.
CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy.
Pay Range:
There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits, and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
Since this position can be worked in more than one location, the range shown is the national average for the position.
The proposed salary range for this position is:
$105,100-$231,100
CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.