Information System Security Officer (ISSO)
Job Category: Security
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Outside Continental US
The Opportunity:
The Information System Security Officer (ISSO) employee will be based in San Antonio, TX at 35th IS, Lackland AFB, TX . You must possess an active TS clearance and be SCI eligible and maintain an IAT level II certification (Security+ or equivalent). Additionally, you'll have experience in preparing, processing, assessing, validating, and maintaining Risk Management Framework (RMF) assessment and authorization (A&A) packages using Xacta360 and Xacta.io. You should be adept at identifying unpatched vulnerabilities, misconfigurations, and defects in security controls as outlined in the NIST SP 800-53/A and with implementing the functions outlined in the Air Force Cybersecurity Program and the NIST SP 800-37 to effectively identify and communicate system and program risks to decision makers. You'll possess demonstrated experience in assessing network risks through various methods such as audits, tests, and assessments. You should also possess an understanding of information system vulnerabilities and compliance leveraging cybersecurity tools such as Splunk, Assured Compliance Assessment Solution (ACAS)/Tenable, Endpoint Security Solutions (ESS)/Trellix, and SCAP Compliance Checker.
Responsibilities:
You will be a valued member of a diverse team, driving the cybersecurity mission of the 35th Intelligence Squadron while advancing your professional development through continuous learning and skill enhancement.
You will serve as Information System Security Officer, ensuring your systems receive timely Authorizations to Operate by applying the RMF throughout their lifecycle.
You will use your expertise to evaluate the cybersecurity posture of 35 IS systems against NIST and DoD policies (NIST SP 800-53/A, 800-37, ICD 503, AFI 17-101), providing risk and mitigation guidance using security assessments, vulnerability scans, patch management, and threat intelligence.
You will manage A&A projects using Xacta360, continuously monitor security controls, create POA&Ms and track remediation efforts, and manage body of evidence documents.
You will secure the confidentiality, integrity, and availability of the information environment by identifying and mitigating security threats and policy violations through systems monitoring, audit log reviews, and compliance reporting using Splunk and ACAS.
You will integrate cybersecurity principles into the change management process by conducting security impact analyses and making recommendations based on current security and privacy trends and technologies.
You will develop and maintain comprehensive cybersecurity documentation, including standard operating procedures, contingency and incident response plans, configuration management, auditing policies, account management protocols, test plans, and other A&A documents.
You will assist your teammates in managing the ports, protocols, and services management registrations.
Qualifications:
Required:
BA/BS degree or equivalent experience and minimum 5 years of related work experience.
In-depth knowledge of the Risk Management Framework.
Hand-on experience using Xacta360 and Xacta.io.
Experience validating NIST 800-53 security controls are implemented correctly, operating as intended, and producing the desired outcome.
Experience performing and analyzing system scans with ACAS.
The ability to evaluate audit logs for signs of security violations or breach.
The ability to multitask and manage own workload to meet deadlines.
The ability to work autonomously or as part of a team.
Strong written and verbal communications.
Prior experiencing working as an ISSO or ISSM.
Experience with ticketing and collaboration tools like Jira and Confluence.
Desired:
N/A
-
_ __
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation.
An environment of trust.
CACI takes pride in fostering a diverse and accessible culture where every individual feels supported to chart their own path. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy.
Your potential is limitless. So is ours.
Learn more about CACI here. (https://careers.caci.com/global/en/life-at-caci)
_ __
Pay Range : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (https://careers.caci.com/global/en/employee-benefits) .
Since this position can be worked in more than one location, the range shown is the national average for the position.
The proposed salary range for this position is:
$68,400-$143,700
CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
S:CACI-GPSMALLB