What are the responsibilities and job description for the Risk & Compliance Analyst position at CACI?
CACI is seeking an IT Risk & Compliance Analyst, supporting day-to-day operations and engineering within the Cybersecurity & Infrastructure Security Agency (CISA), a part of the Department of Homeland Security.
What You’ll Get to Do:
The Risk & Compliance Analyst should feel comfortable not only setting expectations with the customer. We are looking for someone who shows initiative and demonstrates excellent customer service and communication skills. The candidate will be self-directed, organized, and results-driven.
The Risk & Compliance Analyst will:
- Serve as the day-to-day point of contact for the CISA & Headquarters Security teams on the program.
- Work closely with Clients, including the Information System Security Officers/Managers (ISSO/ISSM), System Owner (SO), Product Owners (PO), and third-party support vendors.
- Oversee and coordinate program security activities, including audits, system release activities, change requests, ad-hoc client requests, deliverables, security documentation updates, and Plan of Action and Milestones (POA&Ms).
- Establish and manage project plans for program security activities.
- Facilitate security meetings with the clients.
- Track and report on the status of work efforts and coordinate with security capability leads and cross-program teams.
- Ability to be on call nights/weekends/holidays
You’ll Bring These Qualifications:
- Ability to attain DHS EOD
- ITIL V4 Foundations certification
- BA and 5 years of experience, AA and 8 years of experience, or 12 years of experience
- 5 or more years of experience supporting system Authority to Operate (ATO) processes and creating artifacts, control implementation details, and POA&Ms.
- 8 or more years of hands-on experience in enterprise IT support
- Experience with National Institute of Standards and Technology (NIST) security controls, the Governance, Risk Management, and Compliance (GRC) security documentation tool, Risk Management Framework (RMF), and security compliance processes
- Experience with Security Technical Implementation Guides (STIGs).
- Ability to audit and verify security controls as part of industry standard system hardening or in accordance with customer or government requirements.
- Effective communicator at all levels, both written and verbal
These Qualifications Would be Nice to Have:
- CompTIA Security+, CISSP, Certified Ethical Hacker (CEH), or other relevant IT security-related certifications.
- Experience working with the federal government, particularly the DHS.
What We Can Offer You:
- We’ve been named a Best Place to Work by the Washington Post.
- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
- We offer competitive benefits and learning and development opportunities.
- We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
- For over 60 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
Company Overview: At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is an Equal Opportunity Employer – Females/Minorities/Protected Veterans/Individuals with Disabilities.
As a federal contractor, CACI is subject to any federal vaccine mandates or other customer vaccination requirements. All new hires are required to report their vaccination status.