Information System Security Officer (ISSO)

Job description

Information System Security Officer (ISSO)

Job Category: Security

Time Type: Full time

Minimum Clearance Required to Start: Secret

Employee Type: Regular

Percentage of Travel Required: Up to 10%

Type of Travel: Continental US

* * *

**The Opportunity:**

CACI is looking for an Information System Security Officer (ISSO) to support our DoD customer to implement an enterprise IT service delivery model that provides consistent, secure, high-quality, and cost-effective services to enable mission success and improve end user experience across the customer environment.

On this program, CACI will deliver enhanced capabilities and services to implement and operate an enterprise ITSM solution, enterprise service desk, endpoint management and security solution, as well as CONUS/OCONUS field support and life cycle support for end user devices to enable the DoD customer to transition focus from IT operations to mission operations.

**Responsibilities:**

+ Verify that all requirements for system access to an Information System are met and that there is a signed Acceptable Use Agreement on file.
+ Assist in the preparation, distribution, coordination and maintenance of plans, instructions, policies, guidance, and standard operating procedures necessary for implementation of the Organization’s IA program and serve as the subject matter focal point for the Organization’s IA program.
+ The ISSM in ensuring that a Certification and Accreditation package is prepared and maintained in accordance with (IAW) the DoD Information Assurance Certification and Accreditation Process (DIACAP), or the DoD Risk Management Framework (RMF).
+ Overseeing System Owners to ensure they follow established IS policies and procedures.
+ Reviews weekly bulletins and advisories that impact security of site information systems to include, RCERT, ACERT, IAVA, and DISA ASSIST bulletins.
+ Provide clear and accurate reporting of current IAVA’s and statuses of implementation to ensure the security and health of our environment.
+ Provide support for the Department of the Air Force (DAF) Continuous Monitoring and Risk Assessment (CORA) process, ensuring alignment with security controls, risk management frameworks, and compliance requirements for cybersecurity assessments.

Assist in the development, review, and management of CORA documentation, supporting ongoing evaluation and mitigation of security risks within DAF systems.
+ Implementing and enforcing IS security policies.
+ Ensuring approved policies and procedures are in place capturing the organization’s requirements regarding all of the NIST 800-53r5 families.

The ISSO will assist in updating policies and procedures when changes occur or periodically.
+ Ensuring development and implementation of procedures in accordance with configuration management (CM) policies and practices for authorizing the use of hardware/software on an IS.

Any changes or modifications to hardware, software, or firmware of a system must be coordinated with the ISSM/ISSO and appropriate approving authority prior to the change.
+ Responding to security incidents, and for investigating and reporting (to the IAM and ISSO and to local management) security violations and incidents, as appropriate.
+ Serving as a member of the Change Advisory Board and Demand Approval Board
+ Working knowledge of system functions, security policies, technical security safeguards, and operational security measures.
+ Attending required technical (e.g., operating system, networking, security management, SysAdmin) and security training relative to assigned duties.
+ Ensuring that proper decisions are made concerning levels of concern for confidentiality, integrity, and availability of the data, and the protection level for confidentiality for the system.
+ Reporting all security-related incidents to the ISSM and Security Incident Response Team.
+ Initiating protective and corrective measures when a security incident or vulnerability is discovered, with the approval of the ISSM or System Owner.
+ Developing and maintaining an accreditation/certification and assessment/authorization support documentation package for system(s) for which they are responsible.
+ Conducting Continuous Monitoring in line with the DAF’s cATO methodology
+ Ensuring all IS security-related documentation is current and accessible to properly authorized individuals.
+ Ensuring system security requirements are addressed during all phases of the system life cycle.
+ Provide status updates on IA and system security health to the government in a formal setting.

The ISSO will need to provide updates for all of the systems when the ISSM is unavailable.

**Qualifications:**

_Required:_

+ 10+ Years of relevant experience (Bachelor’s Degree in applicable field may be substituted for 5 years of experience).
+ DoD 8570 IAT or IAT level II Certified
+ Familiarity with DoD Risk Management Framework (RMF) or DIACAP processes
+ Experience with classified environments and information systems
+ Knowledge of eMASS preferred
+ Knowledge of VDI preferred
+ Knowledge of the CORAs requirements and process preferred
+ ITIL Foundation preferred
+ Cloud Experience
+ DEVSECOPS Experience
+ DoD Secret Clearance
+ Strong technical written and verbal communication skills
+ Ability to work and lead other team members, with little oversight, to accomplish Sprints and organizational tasks.

-
**________________________________________________________________________________________**

**What You Can Expect:**

**A culture of integrity.**

At CACI, we place character and innovation at the center of everything we do.

As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

**An environment of trust.**

CACI values the unique contributions that every employee brings to our company and our customers - every day.

You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

**A focus on continuous growth.**

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

**Your potential is limitless.** So is ours.

Learn more about CACI here.

(https://careers.caci.com/global/en/life-at-caci)

**________________________________________________________________________________________**

**Pay Range** : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.

Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

We offer competitive compensation, benefits and learning and development opportunities.

Our broad and competitive mix of benefits options is designed to support and protect employees and their families.

At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.

Learn more here (https://careers.caci.com/global/en/employee-benefits) .

Since this position can be worked in more than one location, the range shown is the national average for the position.

The proposed salary range for this position is:

$75,200-$158,100

_CACI is_ _an Equal Opportunity Employer._ _All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any_ _other protected characteristic._

Required Skill Profession

Other General