Jobs · Information Technology · Virginia

Senior Cybersecurity Engineer - RMF/ISSE Lead

CACI International Inc · Sterling, VA · 6 days ago
Information Technology$104k–$218k/yrFull-time

Responsibilities

  • Lead, mentor, and manage a team of 3-5 Security Engineers.
  • Oversee project timelines, ensure delivery of high-quality security solutions, conduct performance evaluations, and provide ongoing professional development opportunities.
  • Lead the design and documentation of secure system architectures across web applications, application stacks, Web Application Firewalls (WAFs), Intrusion Detection/Prevention Sensors (IDS/IPS), antimalware technologies, and Advanced Persistent Threat (APT) prevention.
  • Define security requirements and integrate capabilities across all SDLC phases (initiation, acquisition/development, implementation, operations/maintenance, disposition) following NIST 800-64 Rev. 2 guidelines.
  • Manage and execute Risk Management Framework (RMF) activities (Steps 1–6), performing ISSO/ISSE functions to guide systems from initial categorization through Authorization to Operate (ATO).
  • Direct team efforts in supporting DoD or IC acquisition programs resulting in IATT and/or ATO.
  • Develop, maintain, and review Assessment & Authorization (A&A) documentation using Xacta, eMASS, or equivalent tools (SSP, SCTM, BoE).
  • Ensure hardware and software comply with Government Security Certification Officer (SCO) requirements and meet NIST SP 800-53, ICD 503, and CNSSI 1253 standards.
  • Implement continuous monitoring (ConMon) activities and lead security audits using IC and DoD approved scanning tools: Nessus/ACAS, SCAP/SCC, STIG Viewer, Nmap, and additional vulnerability assessment platforms.
  • Direct incident response activities and participate in on-call rotation for security incidents.

Qualifications

  • Bachelor's degree in computer science, Cybersecurity, Engineering, Information Technology, or related field (or equivalent experience)
  • 10+ years with demonstrated ISSE/ISSO responsibilities, preferably within the Intelligence Community or DoD environment
  • Experience achieving IATT and/or ATO on DoD or IC acquisition programs
  • People management or team leadership experience
  • Cleared with current active TS/SCI eligibility
  • DoD 8570/8140 IASAE Level III (e.g., CISSP)
  • Technical Expertise in RMF processes, NIST SP 800-53, NIST 800-64 Rev. 2
  • Experience integrating security across all SDLC phases: initiation, acquisition/development, implementation, operations/maintenance, and disposition
  • Network protocols (TCP/IP, DNS, HTTP/HTTPS), VPNs, IDS/IPS, firewalls, DMZ configurations
  • Hands-on Linux/Unix experience
  • Web applications, application stacks, WAFs, and application-layer security controls
  • A&A tracking tools (Xacta or eMASS), SCAP/SCC, vulnerability assessment tools (Nessus, ACAS, Tenab)

Similar jobs