Cyber Security Analyst/RMF SME

Posted:
9/11/2024, 5:02:46 AM

Location(s):
Virginia, United States ⋅ Chantilly, Virginia, United States

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security

Cyber Security Analyst/RMF SME

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: TS/SCI

Employee Type: Regular

Percentage of Travel Required: Up to 10%

Type of Travel: Continental US

* * *


The Opportunity:
As the RMF SME, you’ll assist in the identification and implementation of information assurance/cybersecurity requirements. The successful candidate must have experience with NIST RMF,  threat analysis, vulnerability management, as well as accreditation and authorization processes and shepherding projects through to ATO approval. Our CACI cybersecurity teams use proven solutions to manage, monitor, and immediately respond to cyber threats. Capabilities include cyber assessments, event monitoring and incident response, and assist in the implementation of preventative measures to isolate and mitigate cyber threats


Responsibilities:

You will be responsible for assessing technologies, processes, and practices designed to protect networks, devices, programs, and data from malicious attack, damage, or unauthorized access.

  • Assist in the approach for delivering and maintaining security compliant systems in accordance with DoD cybersecurity requirements.

  • Oversee security control implementation methodologies in the A&A process.

  • Fully support the Risk Management Framework process end-to-end, and own the book of artifacts to include thorough documentation.

  • Support development and assembly of A&A documentation such as  System  Security Plans, Security Assessment Plans, Contingency Plans, and Risk Assessment Plan.

  • Brief stakeholders on the strategic plans and implementation of the RMF and cybersecurity policies and procedures.

  • Review the program’s cybersecurity processes and security control implementations.

  • Analyze vulnerability scan reports, assess security threats, and assist team members in developing and tracking remediation strategies.

  • Support with vulnerability management and provide updates on remediation activities.

  • Assist with contingency planning and incident response training and exercises.

  • Review DoD Information Assurance Vulnerability Management (IAVM) alerts and work with engineers, administrators, and developers to remediate identified issues.

  • Communicate security regulations, policies, and requirements to ensure compliance.

  • Ensure teams comply with security and privacy awareness training requirements.



Qualifications:

Required: 

  • 10+ year of demonstrated experience in the application of NIST RMF guidance, DISA STIGs, Privacy Act, or DoD regulations, instructions, manuals, checklists and guides for cybersecurity.

  • Experience writing and reviewing RMF artifacts.

  • Understanding of information and networking security requirements for Federal government, Department of Defense, or intelligence community. Experience using SonarQube, JFrog XRAY, eMASS, ACAS, WebInspect, Nessus, Static Code Analysis, Burp Suite or similar tools.

  • Experience performing vulnerability management activities including analysis, preparing recommendations, or remediation.

  • Must be detailed-oriented, exercise sound judgment, able to review the work of others, and be able to detect errors or needed modifications.

  • Must possess excellent oral and written communications skills with ability to communicate in a clear and concise manner to both technical and nontechnical audiences.

  • Monitoring and testing of IT systems for vulnerabilities and indicators of compromise

  • Configuring or validating secure systems

  • Active TS/SCI clearance





 

-

______________________________________________________________________________

What You Can Expect:

 

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

 

An environment of trust.

CACI takes pride in fostering a diverse and accessible culture where every individual feels supported to chart their own path. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

 

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

 

Your potential is limitless. So is ours.

Learn more about CACI here.

______________________________________________________________________________

Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here.

The proposed salary range for this position is:

$109,800 - $241,600

CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.