Information Assurance Analyst
Company: CACI International Inc.
Posted on: June 12, 2021
CACI seeks a talented Information Assurance (IA) Analyst to join
our Advanced Solutions Group, within the National Security and
Innovative Solutions Sector. We enable national security missions
through creation and delivery of innovative, technology-centric
solutions that provide decision advantage to our customers. Our
client engagement processes, the way we collaborate, operate and
deliver value provides an unparalleled opportunity to grow and
This opportunity offers very rewarding and unique benefits,
which equates to 50% of compensation on TOP of your base salary!
The first part is a tax-qualified profit-sharing retirement plan,
to which CACI annually contributes up to 25% of your base salary
(not in excess of applicable IRS limits) to your retirement
account. The second component consists of an Individual Benefit
Account (IBA), which is used for premiums, medical reimbursements,
dependent care, education and Paid Time Off (PTO) policy. Both
components of the benefit package are paid for by CACI, in addition
to your base salary and potential performance bonuses. We believe
in a healthy home/work balance and our locations offer a wide
variety of activities to balance with your work life.
What You'll Get to Do:
- Navigate Accreditation and Authorization processes to ensure
that the program deliverables receive Approvals To Operate.
- Work with the customer IA representatives to complete Risk
Management Framework activities and documentation.
- The IA Analyst will work with program engineers, developers,
DevOps, Infrastructure teams to ensure that products are compliant
with security requirements and continuously monitor subsequent
releases to maintain compliance.
- The position will be the program's IA representative.
- Coordinate with customer IA representatives
- Characterize systems in accordance with the Risk Management
- Write documents to include System Security Plans, Security Test
Procedures and Plan Of Actions & Milestones, SOPs
- Provide technical requirements and solutions to program
- Provide technical justifications to tailor security
- Execute government-witnessed security test events
- Use automated tools to provide vulnerability and compliance
assessments (Nessus, SCC/SCAP, SAST, DAST)
- Design, develop, and deploy out-of-the-box solutions and hosted
on bare metal servers or virtualized environment
- Develop DevOps/DevSecOps/AppSec process to support ASD
- Work with program and technical staff in all aspects of daily
- Fully engaged in the implementation of a DevOps/AppSec
practices for supporting IT
- Support information assurance process in a technical role by
complying with technical controls, technical checklists etc.
- Review IAVM notices and address with program engineers as
- Ensure regular patching of systems
- Monitor software releases to ensure continued compliance and
closure of POA&M items
- Support corporate IA personnel in efforts related to assigned
- Position may require some travel to support security test
You'll Bring These Qualifications:
- Active TS//SCI
- Bachelor's degree and a total of over 3 years of experience and
a minimum of one year experience in the field of Information
Assurance (IA) and/or Cybersecurity to include:
- Experience in the following software development life cycle
phases: initiation, acquisition/development, implementation,
operations/maintenance, and disposition to incorporate the security
steps needed to effectively incorporate security into a system
during its development.
- Experience supporting DoD or Intelligence Community acquisition
program or projects that have resulted in Interim Authorization to
Test (IATT) and/or Authorization to Operate (ATO).
- Experience and application in the use of DoD-approved scanning
tools to include, but not limited to, Nessus (Assured Compliance
Assessment Solution ((ACAS)), Security Content Automation Protocol
(SCAP) Compliance Checker (SCC), SCAP security configuration
scanner, Security Technical Implementation Guidance (STIG) Viewer,
and Network Mapper (nMAP).
- Must possess security certification for the Information
Assurance Technical (IAT) II in accordance with the Information
Assurance Work Improvement Program, DoD 8570.1-M.
- Experience with installing, running, reviewing results from
DevSecOps tools (ie,, Static Application Security Testing (SAST),
Dynamic Application Security Testing (DAST))
- Must know Linux.
- Thrive in an energetic, fast-paced environment - learn and
become productive quickly and meet team goals, can-do attitude,
able to do what it takes to deliver
- Demonstrated ability to work as part of an integrated team, as
well as independently
- Strong interpersonal and relationship building skills conducive
to team building
- Familiarity with the secure configuration of Linux
- Knowledge of DoD RMF
- Experience creating, updating, and managing projects in
- Certified in accordance with DoD 8570.1 IAT level II -
(Security+, CISSP, or similar)
- Experience operating ACAS/Nessus, SCC/SCAP/STIGs and
interpreting resulting scans.
These Would Be Nice to Have:
- Knowledge of DCID 6/3, ICD 503, CNSSI 1253, NIST SP 800-53,
NIST SP 800-53A, NIST SP 800-37, and security controls assessment
- Familiarity with the secure configuration of Cisco devices
- Familiarity with SSRDB and the process for vetting third party
- Familiarity with DISA STIGs
- Possess an active relevant technical certification (Certified
Information Systems Security Professional, Offensive Security
Certified Professional, Global Information Assurance Certification,
Cisco Certified Network Associate/ Cisco Certified Network
- Experience with applying of National Institute of Standards
(NIST) 800-64, Revision 2 - Security Considerations in the Systems
Development Life Cycle.
- Engineering and/or architecture experience with web
applications, application stacks, web application firewalls,
intrusion detection sensors, antimalware technologies,
vulnerability scanning technologies, and advanced persistent threat
(APT) prevention technologies.
- Knowledgeable on cyber threats relative to the DoD and
Intelligence Community industry.
- Experience creating analytical reports for Leadership on
complex security issues.
- Experience designing secure networks, systems, and application
What We Can Offer You:
- We've been named a Best Place to Work by the Washington
- Our employees value the flexibility at CACI that allows them to
balance quality work and their personal lives.
- We offer competitive benefits and learning and development
- We are mission-oriented and ever vigilant in aligning our
solutions with the nation's highest priorities.
- For over 55 years, the principles of CACI's unique,
character-based culture have been the driving force behind our
CACI employs a diverse range of talent to create an environment
that fuels innovation and fosters continuous improvement and
success. At CACI, you will have the opportunity to make an
immediate impact by providing information solutions and services in
support of national security missions and government transformation
for Intelligence, Defense, and Federal Civilian customers. CACI is
proud to provide dynamic careers for employees worldwide. CACI is
an Equal Opportunity Employer - Females/Minorities/Protected
Veterans/Individuals with Disabilities.
Keywords: CACI International Inc., Sterling , Information Assurance Analyst, Other , Sterling, Virginia
Didn't find what you're looking for? Search again!