A&A Technical Site Lead​/Deputy Project Manager Security Clearance

Position: A&A Technical Site Lead / Deputy Project Manager with Security Clearance
A&A Technical Site Lead / Deputy Project Manager Job Category:
Security Time Type:
Full time Minimum Clearance Required to Start:
Secret Employee Type:
Regular Percentage of

Travel Required:

Up to 10% Type of Travel:
Continental US *
* * Responsibilities:
As the Project Manager and Technical Lead, you will be responsible for the following:
* Serve as onsite Project Manager and representative of assigned department for meetings and efficiently lead internal resources to meet established milestones and targeted completion dates.

* Provide guidance, coaching and training to 10+ employees of assigned teams.

* Review security control package submissions from validator staff.

* Subject Matter Expert in the Risk Management Framework Steps 0 to 7.

* Demonstrate experience applying the Risk Management Framework (RMF) to cloud environments, including assessing and mitigating cloud-specific risks

* Provide the United States Coast Guard (USCG) with tailored documentation to support their security authorization.

* Plan and execute security control assessments for various information systems within the organization.

* Develop and maintain assessment procedures and methodologies aligned with NIST guidelines and other relevant frameworks.

* Analyze and evaluate the effectiveness of implemented security controls.

* Identify vulnerabilities, weaknesses, and potential risks in information systems and infrastructure.

* Prepare detailed Security Assessment Reports (SARs) documenting findings and recommendations.

* Collaborate with system owners, ISSOs, and other stakeholders throughout the assessment process.

* Verify the implementation of remediation actions and conduct follow-up assessments as needed.

* Provide expert advice on the development and maintenance of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms).

* Stay current with evolving cybersecurity threats, technologies, and best practices.

* Validate security control implementation and provide test results.

* Hands-on experience in assessing RMF Step 4 and performing continuous monitoring.

* Examine security control weaknesses and determine if they are producing the desired intent.

* Deep understanding of Vulnerability Management practices.

Qualifications:

Required:

* US Citizenship required and hold DOD Secret or higher clearance.

* Intimate understanding of NIST RMF implementation guidance.

* 10 plus years of cyber (Cloud, ISSM, ISSO), Networking and Systems Engineering

* 5 plus years lead or management experience

* Hands-on experience with using eMASS or similar Information Assurance tools.

* Extensive knowledge of cloud environments such as Microsoft Azure and AWS.

* Well-developed understanding of Federal Civilian or DHS Security Assessment and Authorization (SA&A) processes.

* In-depth understanding of the relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process.

* Experience analyzing vulnerability scans and STIG implementations.

* Can demonstrate understanding of critical documentation required in Security Authorization (SA) Packages.

* Ability to understand and support Privacy Compliance Activities to include the development of Privacy Impact Analysis (PIA), Privacy Threshold Analysis (PTA), and Statement of Record Notices (SORN).

* DoD 8570/8140 IAT III baseline certification (e.g., CISSP, CISM, CISA, CCNP Security)

* CSSP-AU certification - must obtain within 60days of employment.

* Knowledge/Familiarity with DoD 8500, DoD 8510, DHS 4300 A and B, NIST SP 800-18, 60, 70, 53, 53A, 137, IACS, CMRS, COAMS, JIMS, Swimlane, Governance, Risk, and Compliance, POA&M (i.e., Management, Assessment, etc.), ERS, FISMA, Knowledge Service, ACAS, Tanium, Power BI, Project/Program Management, TASKORD (i.e., FRAGO, CTO, etc.), and Data Calls (i.e., OIG Audit, etc.) Desired:
* Well-developed understanding of Systems Development Lifecycle (SDLC) and ideally the DHS Systems Engineering Lifecycle (SELC) process as it relates to Security Assessment and Authorization (SA&A).

* Relevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands-on experience researching, writing, and submitting complete A&A documentation packages for new system authorizations.

* Typically has a University Degree (BA/BS) or equivalent experience and minimum 5 years related work experience.

- ________________________________________________________________________________________ What You Can Expect: A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation. An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day.

You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning…