Information Systems Security Officer (ISSO)/ ACAS Expert

Job Title: Information Systems Security Officer (ISSO)/ ACAS Expert
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular-Long Term Assignment
Percentage of Travel Required: Up to 10%
Type of Travel: Local

The Opportunity

You are invited to continue your career in a mission‑focused environment supporting U.S. Africa Command (AFRICOM) operations in Stuttgart, Germany. This on‑site, OCONUS assignment focuses on governance, risk and compliance (GRC) activities to support DoW cybersecurity programs and the Risk Management Framework (RMF). The ISSO serves as a key contributor to cybersecurity assessments, authorization activities, compliance tracking, and security documentation across multiple enterprise systems.

Responsibilities

• Execute and manage DoD Risk Management Framework (RMF) activities in accordance with DoDI and applicable cybersecurity policy.
• Track organizational cybersecurity compliance and ensure timely remediation of security findings.
• Support Assessment & Authorization (A&A) activities, including preparation for:
• Cyber Operational Readiness Assessments (CORA)
• Staff Assistance Visits (SAV)
• Vulnerability assessments and inspections (ACAS administration)
• Maintain and manage cybersecurity artifacts within eMASS.
• Conduct risk assessments, analyze system security posture, and provide risk recommendations to the Authorizing Official.
• Develop and maintain cybersecurity documentation including:
• System Security Plans (SSP)
• POA&Ms
• Hardware/Software lists
• Network Diagrams
• Ports, Protocols, and Services Management (PPSM)
• SOPs, TTPs, and compliance reports
• Test result artifacts
• Review network architecture diagrams and system designs for cybersecurity compliance.
• Coordinate with Defensive Cyber Operations (DCO) and IT teams to support incident response and continuous monitoring.
• Assess and authorize the use of hardware and software across enterprise environments.
• Interface with government stakeholders, system owners, ISSMs, and engineers to ensure compliance with cybersecurity requirements.

Qualifications

Required

• Active Top Secret (TS) SCI clearance.
• B.S. in Information Technology/Systems, Computer Science, Computer Engineering, or Electrical Engineering.
• Experience implementing and managing DoD RMF for classified and unclassified systems.
• Working knowledge of:
• NIST SP 800-53 Rev. 5
• eMASS
• POA&M management
• ATO / Authorization processes
• ACAS tool
• Strong proficiency in Microsoft Office (Word, Excel, PowerPoint).
• At least one active Department of Defense 8140 / DCWF IAT/IAM Level III certification (e.g., CASP+CE, CCNP Security, CISA, CISSP, GCED, GCIH, CCSP, CISM, GSLC, CCISO).
• Understanding of system controls and their impact on system security.
• Minimum of 5 years monitoring system NIST compliance using workflow tools.
• Minimum of 3 years using eMASS for managing system/enclave authorizations.
• Minimum of 3 years transitioning to and operating within RMF in DoD applications.
• Experience in initial risk assessment and assisting Authorizing Official with risk determination and acceptance.
• Ability to communicate effectively with technical teams and senior government leadership.

Desired

• Experience supporting AFRICOM, JFHQ‑DODIN, or Combatant Command environments.
• Experience with:
• Elastic
• STIG Manager
• ACAS

Pay Range

$82,700 – $173,900 USD.

CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.