Manager at PwC contributing to digital transformation in Utilities through technology consulting and stakeholder management. Focused on creating strategies and providing technology solutions in a data - driven world.
About the role
- Information Systems Security Officer managing RMF and security integration for CACI. Leading technical projects and mentoring junior engineers while ensuring compliance with cyber regulations.
Responsibilities
- Manage Risk Management Framework (RMF) process
- Work with system development team to identify needed RMF artifacts and load them into the government’s EMASS system.
- Develop security plans, policies, and designs.
- Configure and implement security solutions based upon the customer’s performance criteria and specifications
- Conduct systems pre-test and acceptance tests to validate the designed performance criteria
- Structure mock designs based upon RFP specifications in support of the Bids & Proposal teams
- Collaborate with government and /or subcontractors at customer site for security solution integration into existing infrastructure
- Develop and perform technical presentations for customers
- Mentor junior engineers and technicians
- Serve as technical lead on projects.
- Travel to other CACI Locations or Customer Sites as necessary
- Proactively ensure a safe work environment and adhere to CACI EH&S policies and procedures
- Perform other duties as required
Requirements
- A Bachelors degree is required.
- Knowledge of risk assessment tools, technologies, and methods including EMASS system
- Experience designing secure networks, systems, and application architectures
- Experience planning, researching, and developing security policies, standards, and procedures
- Ability to communicate network security issues to peers and customers
- Working knowledge of current Cyber technologies and experience with NIST 800 Series and DoD 8570 regulations and governing DISA STIGs and/or SRGs
- Understanding of Information Assurance Vulnerability Management (IAVM) and Information Assurance Vulnerability Assessments (IAVAs)
- Prior experience with RMF controls, risk assessments, and POA&M generation
- Strong working knowledge of Confidentiality, Integrity, and Availability (CIA) concepts, to include 2-factor authentication, Public Key encryption techniques, patch management, end-point security systems, intrusion detection, security event management and defense-in-depth.
- Well versed in DoD cyber security Assessment and Authorizations (A&A) DoD Implementation, Directives, NIST Special Publications and other government cyber security standards, policies, and directives
- Experience with Nessus, ACAS, SCAP
- Experience completing and review DISA Security Technical Implementation Guides (STIGs)
- Experience conducting risk analysis on products and system components through review of CVEs, plugins, IAVAs
- Experience onboarding assets to centrally managed Enterprise solutions.
- Application Security Architecture and Design experience
- Security Compliance Operations and Application Security Assessment experience
- DoD 8570.01 IAT level 2 or greater cyber security certification per DoD 8570.01 (such as Security+)
- Experience designing and implementing Commercial Solutions for Classified (CSfC) Multi-Site Connectivity Capability Package desired
- Systems integration experience
- Excellent interpersonal and presentation skills
- At least five years of continuous recent experience in the field of DoD information systems security and/or cybersecurity.
- Possess an active Information Assurance Management (IAM) Level III certification.
- Additional cyber and/or IT certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or CompTIA’s Advanced Security Practitioner (CASP)
- Possess an active DoD Secret clearance.
Benefits
- healthcare
- wellness
- financial
- retirement
- family support
- continuing education
- time off benefits
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Research Associate conducting advanced research in iOS security within a leading institute for applied cybersecurity. Emphasis on secure application development and vulnerability analysis.
Cybersecurity Engineer focused on threat monitoring and incident response for Verizon's network security. Collaborating on security architecture and vulnerability management across multiple locations.
Senior Manager of Application Security leading initiatives to protect applications at Nordstrom through strategic leadership and AI - driven tooling. Collaborating with engineering to ensure secure software development practices.
Information Security Engineer responsible for deploying and supporting security tools across cloud and on - premise systems. Collaborating with IT to mitigate security risks in a hybrid work environment.
Casual Retail Security Officer for MSS Security ensuring safety at Tweed Mall in Tweed Heads. Responsible for patrols, incident response, and customer service.
Financial security advisor at Desjardins developing client relationships and selling life and health insurance products. Focusing on customer satisfaction and personalized financial solutions.
Principal Information Security Consultant at Westpac focusing on security protocols and employee benefits for staff. Hybrid role centrally located with opportunities for professional development and employee perks.
Engineer supporting secure development lifecycle processes for product lines in the energy sector. Collaborating with R&D on security requirements and compliance audits.
Automation Oversight Engineer providing oversight of compliance in automated device configurations for Comcast Business. Managing configuration checks and reporting, ensuring reliable oversight and improvement strategies.