Job Description General Description CACI is currently looking for an Enterprise Cybersecurity Manager with a deep technical understanding of Cybersecurity practices and delivering secure and reliable software solutions. The individual will lead a highly productive team of seasoned technical professionals who thrive on supporting our customer39s mission and growth objectives?designing, developing, leading, and implementing secure application and infrastructure capabilities for a variety of legacy and modernized systems. The person will also work in close collaboration with software developersengineers, quality assurance engineers, stakeholders, and end users within Agile Engineering processes. A profound knowledge of enterprise class information assurance requirements and network securability and survivability are key requirements. The individual will also be responsible for supporting development of a spectrum of engineering artifacts that succinctly captures system security requirements, application and network security design, and network security architecture. This position is responsible for ensuring that all assigned work activities are performed in a timely, secure, compliant and cost-effective manner while maintaining the highest quality of performance. ASF programs thrive in a culture of innovation and are constantly seeking individuals who can bring creative ideas to solve complex problems, both technical and procedural at the team and portfolio levels. The ability to be adaptable and to work constructively with a technically diverse and geographically separated team is crucial. What you?ll get to do Responsible for leading the Information Assurance and Security of application, database, and enterprise network services. This includes activities associated with delivery of Cybersecurity policy implementation and network solutions associated with customer-defined systems and software projects while maintaining the release cadence and coordinating cyber activities across all product teams and shared services. Other responsibilities include Maintain the Enterprise Cybersecurity Program strategy Apply information security in accordance with NationalDoDArmy Directive security policy including, but not limited to, DODI 8500.01, DODI 8510.01, NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171, AR 25-2, and AR 380-5 Lead and support creation of, and ensure approval for Department of Defense (DOD) Risk Management Framework (RMF) Assess and Authorize (AA) Process for multiple large software portfolios Support program and customer management, and government Authorizing Official (AO) for all information security status, policies, and procedures Guide the Cybersecurity team on documenting cybersecurity requirements and manage all tasks of the cyber teams to include cyber threats, threatrisk briefs, risk assessments, ATO recommendations, technical reviews, control reviews, policy creation, IA Directives management Assess entire system lifecycle requirements and network security impacts Document DoD RMF Security Implementation Plan artifacts.? Coordinate and assist development team with application artifact documentation Assist government personnel in preparing and presenting Enterprise Mission Assurance Support System (eMASS) packages to the Control Assessor (SCA)Assess and analyze US-CERT, DHS, and current threat environment Create and manage Plan of Action Milestones (POAM) Enhance ? Implement Cybersecurity vulnerabilityAA hardening testing Optimize Cybersecurity development environment certification Architect Engineer security ? develop security goals, capabilities, controls, and architecture Design Implement security ? vulnerability management, build security into development Integrate Test Security ? test patches and settings, document AA artifacts Validate Verify security ? validate patch status and software control status Implement security ? apply patches and security settings, performance incident handling and remediation Maintain security posture ? audit security settings, track security training, monitor threats, track reaccreditation Enable assurance for information security during all phases of agile software development and deployment Continuously evaluate and recommend innovative proven best business practices and tools to enhance defense-in-depth Identify, assess, and recommend zero-day cyber threat remediation Address Cybersecurity issues to help maintain Continuity of Operations Plan (COOP) Assist engineers with implementing and maintaining Common Access Card (CAC) and Public Key Infrastructure (PKI) functions into existing and future application development to ensure confidentiality, integrity, and availability to mission support Manage subordinates with performing information security vulnerability testing and mitigate any nonconformance Implement and validate Security Technical Implementation Guide (STIG) requirements for all development and implementation projects Understand and assist developers with static code analysis processes You have College degree (B.S., M.S.) in Information Assurance, Computer Science, Information Management Systems or a related discipline with at least an interim DOD Secret Clearance One or more of the Certifications 8570.01-M, IAT Level III CISCO CCNP Security (ISC)239s CISSP ISACA CISA, GIAC Certified Incident Handler (GCIH), GIAC Certified Enterprise Defender (GCED) andor CompTIA Advanced Security Practitioner (CASP) Demonstrated knowledge of NationalDoDArmy Directive security policies including, but not limited to, DODI 8500.01, DODI 8510.01, NIST SP 800-30, NIST 800-37, NIST 800-53a, NIST SP 800-61, NIST 800-171, AR 25-2, and AR 380-5 Demonstrated knowledge of DOD RMF accreditation implementation Minimum of five years of experience leading and directing technical teams in support of DoD Security Management and Security Engineering policy guidance and directives to both hardware and software-centric environments Minimum of five years of experience overseeing a cybersecurity program of a similar size, scope and complexity to include vulnerability assessments, IAVA reporting, and IA problem resolution including applying security principles and best practices in Microsoft, .NET, Linux and Oracle environments Experience within the last three years leading and managing accreditation activities, which resulted in obtaining Authority to Operate (ATO) under current DoD accreditation policies. Over ten year of cybersecurity related experience Demonstrated experience with static code analysis using tools like Microfocus Fortify Software Security Center or similar source code analysis capability Demonstrated experience with Vulnerability Scanner technologies and eMASS Demonstrated familiarity and experience with Firewalls, Intrusion Prevention Systems, WebGateways, andor enterprise Antivirus software technologies Experience with continuous integration tools and environments Ability to identify and manage risk Working knowledge of and ability to assist others in the use of information security provisioning and monitoring tools to support process improvement Excellent written and verbal communication skills Strong collaboration skills and desire to work within a team Understanding of all elements of the DOD Cybersecurity policies and requirement Highly responsible, team-oriented individual with very strong communication skills and work ethic self-starter Ability to organize and lead large, professional teams Professional Experience 843 years related technical experience You are good at Implementing and overseeing a software code assurance program based on industry best practices Configuring hardware and COTS products to meet DoD and Army policies Providing PowerPoint executive-level briefings Acting independently to expose and resolve problems Leading FEDRAMP certifications Ability to apply advanced principles, theories, and concepts, and contribute to the development of innovative IA principles and ideas Experience working on unusually complicated problems and providing solutions that are highly creative and ingenious, exhibiting ingenuity, creativity, and resourcefulness Scripting languages such as Perl, VBScript, Ruby, etc. Experience with Computer Network Defense (CND) processes, procedures, and tools Managing cybersecurity for a virtualized on-premise infrastructure Using MS Project and Office Suite applications Bonus would be having Experience working with microservices cross functional teams to quickly deliver incremental functionalities with security included at each phase of development Experience performing migrations to military virtualized andor cloud environments Experience FEDRAMP cloud provider certifications Performing cloud migrations Experience with Cloud Service Provider Cybersecurity implementation, practices. And Service Level Agreement (SLA) negotiations Demonstrated knowledge and experience with ISO 27000 information security management principles What We Can Offer You - We?ve been named a Best Place to Work by the Washington Post. - Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. - We offer competitive benefits and learning and development opportunities. - We are mission-oriented and ever vigilant in aligning our solutions with the nation?s highest priorities. - For over 55 years, the principles of CACI?s unique, character-based culture have been the driving force behind our success. ? Job Location US-Ashburn-VA-VIRGINIA SUBURBAN CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - FemalesMinoritiesProtected VeteransIndividuals with Disabilities.