CACI International

Title: Senior Cyber Identity Engineer Location: Tampa United States Job Description: Job Category: Information Technology Time Type: Full time Minimum Clearance Required to Start: TS/SCI Employee Type: Regular Percentage of Travel Required: Up to 10% Type of Travel: Continental US - - * The Opportunity: CACI is looking for an experienced, innovative, and motivated Identity Engineer to work on Zero Trust (ZT) implementation efforts in support of U.S. Special Operations Command (USSOCOM), in Tampa, FL. This is a Senior-level cyber position on the Enterprise Development, Application and Training (EDAT) contract. The position may include partial telework, but work will primarily take place at the customer site. The Identity (Cyber) Engineer is a hands-on technical specialist responsible for the implementation, configuration, and management of the core platforms that secure user and system identities across the enterprise. This role focuses on the "hands-on-keyboard" execution of deploying and maintaining the security policies and controls within the organization's Identity Providers (IdP), Privileged Access Management (PAM), and Identity Governance and Administration (IGA) solutions. The ideal candidate will have deep technical expertise in one or more of these domains and a strong commitment to implementing least-privilege access in a complex hybrid environment. Responsibilities: - Identity Provider and Authentication Management: - Microsoft: Design, build, test, and deploy Microsoft Entra ID Conditional Access policies to enforce Zero Trust principles for access to cloud resources in Azure and AWS. Configure and maintain Certificate-Based Authentication (CBA) for CAC/PKI. Manage and troubleshoot the on-premises ADFS environment for legacy application support. - Ping Federate: Configure and manage the Ping Federate platform as an enterprise federation gateway. Onboard new applications for Single Sign-On (SSO) using SAML and OIDC. Build and maintain authentication policies to enforce strong, phishing-resistant MFA. - Privileged Access Management (PAM): - Delinea: Perform the hands-on onboarding of all privileged user, service, and application accounts into the Delinea vault. - Configure and enforce Delinea policies for credential rotation, session recording, and monitoring. - Build and implement Just-in-Time (JIT) and Just-Enough-Administration (JEA) access request and approval workflows to eliminate standing privileges. - Identity Governance and Administration (IGA): - SailPoint: Implement and configure the automation of the Joiner-Mover-Leaver (JML) identity lifecycle process, replacing manual, ticket-based systems. - Build and maintain the enterprise access catalog in SailPoint to replace the manual IMT48 form with an automated, workflow-driven request and approval system. - Configure and execute periodic access certification campaigns for critical applications and privileged roles. - AD and Linux Identity Management: - One Identity ARS: Use the Active Roles console to implement secure, delegated administration for Active Directory, creating policies to automate user/group lifecycle tasks. - Red Hat IdM: Centrally manage authorization policies for the Linux estate, defining Host-Based Access Control (HBAC) rules and sudo policies to control access to RHEL servers. Qualifications: Required: - Must hold a current Top-Secret clearance and be SCI eligible. - Education: MA/MS Degree. A bachelor's degree in computer science, Information Systems, Cybersecurity, or related field acceptable with additional experience. - 10+ years of experience in enterprise identity and access management architecture. Additional years of experience may be used in place of Education requirement. - Deep, hands-on experience with at least one of the following core platforms: Microsoft Entra ID, an enterprise PAM solution (e.g., Delinea), or an enterprise IGA solution (e.g., SailPoint). - Strong understanding of core identity security principles, including least privilege, MFA, JIT/JEA, and RBAC/ABAC. - Experience with Active Directory administration and group policy management. - Experience with integrating new technologies in a pre-production environment and overseeing transition into a production environment. - Ability to implement and troubleshoot complex security policies within enterprise tools. - DoD 8140 Compliance (IAT Level II) - DoDM 8570 IAT II equivalent certification (e.g. CompTIA Security+) Desired: - DoDM 8570 IAT III equivalent certification or higher (e.g. CompTIA CASP+, CISSP) - Microsoft Certified: Identity and Access Administrator (SC-300). - Delinea Certified Administrator. - SailPoint Certified IdentityNow Engineer. - Ping Certified Professional. - Experience with Red Hat IdM policy management. - Familiarity with Zero Trust Network Access (ZTNA) and continuous authentication models. - Prior experience supporting USSOCOM mission requirements. - Strong communication skills with ability to brief senior leadership and interface with stakeholders. - Ability to lead teams in complex, multi-vendor environments. - What You Can Expect: A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation. An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy. Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. The proposed salary range for this position is: $99,800 - $219,600 CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.

• Implement ICAM solutions to support PIV, Certificate Base Authentication, FIDO 2. • Engineer and build a secure and robust enterprise identify and access management solution • Responsible for installing, customizing, configuration and supporting SailPoint Identity and Access Management tool and processes. This includes automated provisioning/deprovisioning to downstream applications. • Facilitate and support ICAM integration to business applications and third parties, including Single Sign On enablement and management • Collaborate with customer to define organization constructs/naming conventions and user access roles • Assist with the development of process and workflows to support ICAM operation activities such as user onboarding, user lifecycle management and privilege access management • Provide assistance with the integration of an Enterprise PKI solution. • Engage with, and advise stakeholders within the business on Identity and Access Management best practices • Define, improve, and support Active Directory, Azure Active Directory and Privileged Access Management within the organization • Identify areas for delivery automated solutions (e.g. onboarding/offboarding) and maturation of existing processes by leveraging scripting

Infrastructure Tier 2 Engineer Job Category: Information Technology Time Type: Full time Minimum Clearance Required to Start: None Employee Type: Regular Percentage of Travel Required: Up to 10% Type of Travel: Local The Opportunity: CACI is seeking an experienced Tier II NOC Engineer within a 24x7x365 enterprise network operations security center (NOSC) supporting a federal government customer. The Tier II NOC Engineer will be responsible for providing network administration and operational support for a large and dynamic enterprise network, as well as performing analysis and troubleshooting of network incidents with the objective of minimizing interruptions and outages for end users to mission critical communications and resources. Shift: Mon - Fri, 8am - 4pm Must be flexible and able to be on-call when scheduled Location: Nebraska Ave Complex (3801 Nebraska Ave NW, Washington, DC 20528), *but currently remote. Responsibilities: - Leverage industry experience to provide operational support to maintain overall health and performance of enterprise network components, to include LAN, WAN, firewalls, VPNs, and other network platforms. - Monitoring of network performance dashboards to proactively detect potential network degradation events and outages. - Investigate and diagnose incidents to restore network services as quickly as possible, ensuring all incident details and restoration steps are thoroughly documented in the ServiceNow ticketing platform. - Lead root cause analysis efforts and draft After Action Reports as requested. - Implementation of approved network enhancements, firewall and whitelisting requests, and other network updates in accordance with the Change Management process. - Routinely collaborate with Government Leads, Watch Officers, and other Operational Teams in the communication and investigation of high priority troubleshooting efforts using the appropriate escalation procedures - Installation and support for remote access platforms such as VPN, Terminal Services, and Citrix - Work with vendor engineering teams in the investigation of complex hardware and software issues and initiate RMAs for failed hardware components as necessary - Provide guidance and assist in the development of junior NOC engineers with over-the-shoulder training and the creation of knowledge articles. - Perform all tasks in accordance with established team Service Level Agreements (SLAs) and Standard Operating Procedures (SOPs). Qualifications: Required: - Ability to obtain DHS Entry on Duty (EOD) - Bachelor's degree + 8 years of experience - Relevant network/NOC work experience - CCNA certification - In-depth understanding of network infrastructure topologies, security policies, firewalls, and L2/L3 switch and routing infrastructure. - Experience with network security, including firewalls, IDS/IPS, and vulnerability assessment & remediation. - Experience using network management and analysis tools such as SNMP probes, network taps, and packet analyzers. - Working knowledge of following the network tools/platforms: Broadcom Spectrum and CA PAM platforms, ServiceNow, SolarWinds, Splunk, NetScout, Grafana, HP Network Automation (HPNA) or similar tools/platforms - Experience with the configuration and support of Palo Alto firewalls - Experience with the configuration of BlueCoat proxies - Experience using ServiceNow or similar ticketing systems. - Ability to work independently as well as part of a team. Desired: - Previous experience supporting Zscaler (configuring, troubleshooting, etc.) - Previous experience with SDWAN - Previous experience with Site-to-Site VPNs. - Desired Certifications: - CCNP - ITIL 4 Foundations - Security + - What You Can Expect: A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation. An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy. Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. The proposed salary range for this position is: $84,900 - $178,400 CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.

Role Description Exciting Opportunity to Lead the Future of Identity and Access Management with Our Dynamic DoD Program! Join our dynamic team and take the lead in ICAM operations for a high-impact, large-scale Department of Defense (DoD) program. This role offers a unique chance to shape the future of identity and access management (ICAM) in a complex, privileged access environment. As a key player, you will drive improvements in identity security processes and collaborate closely with the Cybersecurity Architect on cutting-edge identity architecture and Zero Trust strategy. Your expertise will help shape the program’s approach to least-privilege, MFA maturity, and access governance. - Lead enterprise identity lifecycle management operations across all user populations - Administer and optimize OKTA for enterprise-wide identity and access management - Govern privileged credential management and CyberArk PAM architecture - Lead MFA strategy and implementation across systems and platforms - Develop and lead monthly privileged access audit and reporting processes - Own monthly DCWF compliance auditing and executive reporting - Oversee secure remote access governance via Palo Alto Secure Browser and Zscaler - Develop and maintain identity management procedures and access control governance frameworks - Mentor junior and mid-level ICAM staff - Serve as ICAM technical liaison to the Cybersecurity Architect Qualifications - An active Secret clearance - 6–9 years of experience in identity and access management or privileged access security - Advanced proficiency with OKTA and CyberArk PAM - Experience with zero trust network access solutions (Zscaler preferred) - Demonstrated experience developing access governance frameworks and compliance reporting - Proven ability to mentor and develop junior ICAM staff - Required Certification: DoD 8140.03M DCWF Intermediate tier certification — one of: CEH(P), ECIH, GRID, RCCE Level 1, CBROPS, CCSP, CEH, Cloud+, FITSP-O, GCED, GCIH, GSEC, PenTest+, or Security+ - Required Education: Bachelor’s degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering Requirements - Desired: DoD 8140.03M DCWF Advanced tier certification — one of: CFR, CySA+, GCFA, GCIA, or GICSP - Master’s or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering - Multiple 531 Advanced tier certifications - OKTA Certified Professional or Consultant certification - CyberArk Sentry certification - Experience designing identity architecture for classified DoD environments (IL4–IL6) Benefits - A culture of integrity. - An environment of trust. - A focus on continuous growth. - Competitive compensation, benefits, and learning and development opportunities. - Comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Company Description CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.

• Support advanced research, development, and operational programs across cyberspace operations • Help design, implement, test, and secure high-performance systems that support national security objectives • Design, build, and maintain containerized environments (Docker, Kubernetes, OpenShift, or similar) • Manage and optimize CI/CD pipelines supporting application, data, and machine learning workloads • Implement DevOps and MLOps best practices across development, testing, and production environments • Oversee data collection, ingestion, and curation workflows to support analytics and ML use cases • Collaborate with cross functional teams including software engineers, data scientists, and systems engineers • Manage relationships with external vendors • Implement security, compliance, and governance practices across infrastructure and data workflows • Troubleshoot infrastructure issues and drive continuous improvement initiatives • Perform administrative tasks for the lab

• Design, build, optimize, and maintain scalable ETL pipelines within Databricks, including Bronze, Silver, Gold, and Metrics tier data models. • Build normalization and transformation frameworks to standardize disparate datasets for analytics, cybersecurity, and mission operations. • Quality, modern, and fully reproducible code using established software engineering practices—including version control, modular design, automated testing, documentation, and CI/CD—to ensure reliability, reusability, and maintainability across data pipelines and Databricks workflows. • Develop solutions within a secure cloud-based architecture leveraging Databricks Lakehouse features (Unity Catalog, Delta Lake, Auto Loader, cluster configuration). • Manage environment setup, version control, deployment, and CI/CD processes for data pipelines and Databricks apps. • Develop and maintain integrations between Databricks and enterprise systems through APIs, S3 ingestion endpoints and database connectors. • Collaborate with cross-functional engineering, cybersecurity, and product teams to design and implement features that improve data ingestion, metadata management, automation workflows, and platform usability. • Document technical requirements, user stories, and workflow specifications for data integrations and interface development. • Evaluate and implement push/pull data transfer patterns optimized for NASA’s security, performance, and governance constraints.

Role Description CACI is looking for talented Law Clerk II professionals to support the Department of Justice, Executive Office for United States Attorneys in various United States Attorney Offices to provide legal support services on various criminal and civil cases to enhance efforts to combat crime and enforce immigration laws. The Law Clerk II position is a great opportunity for law clerks seeking the opportunity to tackle substantive and complex legal issues and to gain hands-on experience applying your knowledge to assist with high profile cases being investigated and litigated by the Department of Justice. This opportunity will also enhance your knowledge and understanding of the litigation life cycle as you assist with investigations from discovery through trial and appeal. CACI is also committed to growing our eDiscovery workforce and has included tuition reimbursement for Relativity and ACEDS certifications! This is a great opportunity for someone to grow their careers. Please apply if you are interested to hear more! Responsibilities - Works with the assigned Attorney Advisors and/or supervisory attorneys and determines applicable administrative statutory and regulatory law, and identifies possible defenses, violations, or causes of action. - Assesses and analyzes relevant policy, program, and legislative initiative work to determine applicability and prepares written work products characterized by a sound definition of the legal issue or problem; thorough consideration of applicable guidelines and relationships with other program areas; complete appropriate analysis; and makes recommendations that effectively address the issue or problem. - Assists with reviewing, supporting, and implementing policy and guidelines to support the work of the USAOs and their programs, processes, and requirements. Assesses, reviews, and analyzes various legislative and regulatory initiatives to determine impact on work of USAOs and EOUSA. - Develops an understanding of all applicable federal, state, or local laws and keeps abreast of any new criminal and civil rules and procedures. Alerts Attorney Advisors to all potential issues while conducting reviews and analyzing and interpreting data as it relates to relevant programs and/or casework. - Oversees practice with regard to immigration, civil, and criminal, violent crime, fraud, human trafficking, drugs, and other program areas, which includes, but not limited to: receiving and docketing, calendaring and tracking due dates, contacting appropriate Attorney Advisor/Support Staff regarding locating relevant files, data, and other case and/or program-related information; assessing and analyzing relevant data, preparing written work products, legal memoranda, briefs, or other draft responses for review by appropriate Attorney Advisor. - Incumbent analyzes statutes, legislative intent, judicial precedents, agency rules and regulations, and law review articles as they relate to assignments, cases, and tasks to include those of an especially complex or unprecedented nature. Supports Attorney Advisor by briefing attorneys on pertinent facts, issues and case law. - Drafts correspondence and legal documents for attorney’s signature. Qualifications - Law degree (J.D.) - License by a state bar (Preferred) - U.S. citizenship and ability to obtain adjudication for the requisite background investigation - Valid state driver’s license - Minimum two (2) years of professional litigation work experience. Specific immigration (Habeus Corpus, Denaturalization) litigation work experience is beneficial. - Proficient in Microsoft Office applications - Ability to make responsible decisions on short notice and adapt to unexpected developments - Physically located within the general geographic commuting radius of EOUSA or a USAO office - Working knowledge of the Federal Rules of Civil and Criminal Procedure. Benefits - A culture of integrity. - An environment of trust. - A focus on continuous growth. - Comprehensive benefits such as healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Pay Range The proposed salary range for this position is: $61,600-$129,300. Company Description CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.

• Own the day-to-day security authorization posture of assigned DoD information systems • Work within a well-resourced team with dedicated engineering, operations, and architecture support • Develop expertise in modern RMF tooling including eMASS and eMASSer automation • Directly support mission continuity by managing ATO packages and continuous monitoring programs • Grow into a senior GRC role with clear advancement pathways • Develop, maintain, and update System Security Plans (SSPs) for assigned systems • Manage Plans of Action & Milestones (POA&Ms) from identification through remediation and closure • Compile and submit Authorization to Operate (ATO) packages • Conduct continuous monitoring activities per established strategy • Utilize eMASS for GRC management and RMF workflow tracking • Coordinate with Information System Security Engineers (ISSEs) and Security Operations (SecOps) to validate control implementations • Develop Security Assessment Plans (SAPs) and support Security Assessment Report (SAR) coordination • Draft supply chain risk management plans • Support the Cybersecurity Architect with RMF strategic planning

• Manage the time of subordinate staff and communicate this to the Government POC • Works with Attorney Advisors to determine applicable administrative statutory and regulatory law • Prepares written work products characterized by a sound definition of the legal issue • Assesses, reviews, and analyzes various legislative and regulatory initiatives • Alerts Attorney Advisors to all potential issues while conducting reviews • Oversees practice with regard to various program areas including immigration, civil, and criminal

• Build, qualify, and manage a robust DS/EITS DoD pipeline aligned with CACI’s strategic growth priorities focusing on Army, DISA and DLA. • Shape and execute go-to-market strategies, including competitive analysis, investment planning, pricing analysis, and differentiated solutions. • Collaborate with industry partners and internal sectors to design winning teaming strategies and capture plans. • Prepare executive-level reports, briefings, and capture materials to support decision-making at the Sector and Corporate Executive levels. • Lead Milestone Reviews and Capture Readiness Reviews with senior leadership. • Support enterprise BD initiatives, streamlining workflows, reducing bottlenecks, and ensuring alignment across pursuits. • Track, assess, and report on emerging task orders, RFIs, and RFPs within CACI’s internal systems. • Drive proposal development and ensure compliance with business plans, solicitation requirements, and customer expectations.