Risk Management Support Lead at Scott AFB
Company: CACI International Inc.
Location: Scott Air Force Base
Posted on: June 12, 2021
CACI is looking for a Risk Management Support Lead to support
our customer, U.S. Transportation Command (USTRANSCOM), at Scott
AFB Illinois. This position is contingent upon award of the
USTRANSCOM Command, Control, Communication & Cyber Systems Managed
Information Technology Services (MITS), Enterprise support Managed
What You'll Get to Do:
CACI has an excellent opportunity for an experienced,
self-directed, Risk Management Support Lead. This position is in
support of a Department of Defense (DoD) organization, USTRANSCOM
Directorate TCJ6 located at Scott AFB IL.
More About the Role:
Responsible for Risk Management and Compliance through ongoing
awareness of information security, vulnerabilities, and threats to
support organizational risk management decisions. Responsible for
USTRANSCOM and the Unified Combatant Command (UCC) in maintenance
of an all-encompassing system security program to proactively
manage all Infrastructure systems security risks, vulnerabilities,
and compliance with security configurations, guidance, and
policies. Manage formation Assurance activities, responsible for
enabling the ongoing assessment and ongoing authorization of all
infrastructure utilizing Risk Management Framework (RMF) and
automated Security Assessment and Authorization tools.
Staff Security Training - provide personnel security training
progress report. As the Risk Manager you will assist in the
development of a standardized, enterprise-level Risk Management
Process. You will assess, analyze, propose mitigations, and manage
the creation, tracking and closure of risks, issues, and
opportunities (R/I/Os) related to the successful completion and/or
delivery of a US Government product or service. Provide technical
support and/or leadership in the creation and delivery of
technology solutions. Facilitate risk management efforts (i.e.,
risk identification, assessment, and mitigation planning). Define,
develop, and record all risk items on the Risk Register. Develop
and maintain the Risk Management Plan. Identify and develop
contingency plans, fallback plans, and workarounds. Assign
appropriate Risk Response Strategies (Avoid, Mitigate, Transfer,
Exploit, Share, Enhance, Accept). Assign Probability (Likelihood)
and Impact (Consequences) for each risk item; track, manage, and
update as risk plans are executed. Conduct SWOT Analysis, Risk
Audits, Risk Assessments, and Variance and Trend Analysis. Identify
Risk urgency, appetite, triggers, tolerance, threshold, and
aversion and map in a decision tree matrix. Facilitate and/or brief
multiple meetings or forums weekly and or monthly. Communicate risk
posture and project information to stakeholders. Drive effective
teamwork, communication, collaboration, and commitment across
multiple disparate groups with competing priorities. Communicate
project issues and status in a concise, accurate, and professional
manner. Support, coordinate, document, assess, and comply with all
Cyber Security operations IAW operational plans, SOPs, and Work
Instructions. Compliance POA&M analysis, management,
compliance, and remediation. Monitor security advisories and
security bulletins to ensure compliance with applicable security
requirements. Support Security Release Management - Track and
report software inventory for all infrastructure devices (patches
and firmware). Understand and support Privacy Compliance Activities
to include the development of Privacy Impact Analysis (PIA),
Privacy Threshold Analysis (PTA), and Statement of Record Notices
(SORN), Manage a team with a focus on policy, implementation of
strategic initiatives and execution of day to day deliverables.
Establish or work to achieve, team objectives, operational plans
with measurable contribution towards the achievement of results of
the job function or completion of a project.
You'll Bring These Qualifications:
Technical Level III and Management Level II certification per
7+ years of IA/cyber security experience, with at least four (4)
of those involving application of DoD policy, direction, and
guidance to customer environments.
At a minimum possess applicable intermediate ITIL certification
(e.g., Service Operations, Service Design, Planning, Protection and
Optimization (PPO), Release, Control and Validation (RCV)).
Experience/working knowledge of NIST and DoD security policies,
directives, and guidelines.
NIST Risk Management Framework and Security Control
Experience/working knowledge of Network/system architecture
design and implementation.
Experience/working knowledge of Vulnerability scanning, e.g.,
Retina and Nessus.
- Experience/working knowledge of Network architecture and design
(e.g., security stack and integration with office automation
products and services to include production, test, development, and
Desired skills and experience/working knowledge.
Current Microsoft server and workstation OS security
Current Red Hat Linux Enterprise OS security configurations.
Current Unix OS security configurations.
Current Microsoft server and desktop application security.
Current Microsoft Windows Group Policy Object (GPO) security
VMware functionality and security.
Database functionality and security, e.g., Oracle, MS SQL, MS
Border device security, e.g., firewall, VLANs, IP Subnetting,
Ports and protocols).
Application code scanning with Fortify or other government
Metrics capture & documentation.
- Technical writing, to include technical documents and user
What We Can Offer You:
We've been named a Best Place to Work by the Washington
Our employees value the flexibility at CACI that allows them to
balance quality work and their personal lives.
We offer competitive benefits and learning and development
We are mission-oriented and ever vigilant in aligning our
solutions with the nation's highest priorities.
- For over 55 years, the principles of CACI's unique,
character-based culture have been the driving force behind our
US-Scott Air Force Base-IL-ST LOUIS
CACI employs a diverse range of talent to create an environment
that fuels innovation and fosters continuous improvement and
success. At CACI, you will have the opportunity to make an
immediate impact by providing information solutions and services in
support of national security missions and government transformation
for Intelligence, Defense, and Federal Civilian customers. CACI is
proud to provide dynamic careers for employees worldwide. CACI is
an Equal Opportunity Employer - Females/Minorities/Protected
Veterans/Individuals with Disabilities.
Keywords: CACI International Inc., Springfield , Risk Management Support Lead at Scott AFB, Other , Scott Air Force Base, Illinois
Didn't find what you're looking for? Search again!