Senior Cybersecurity Engineer

Senior Cybersecurity Engineer

LOCATION: Hanscom AFB, Bedford MA

Salary Range: $150k-$160k

JOB STATUS:Full-time

CLEARANCE:Secret

CERTIFICATION:

TRAVEL:

Astrion has an exciting opportunity fora Senior Cybersecurity Engineer located at theHanscom AFB inBedford, Ma providing support to the Air Force Life Cycle Management Center/Electronic Systems (AFLCMC/HB). The Air Force Program Execution Office for PEO Digital (AFPEO/HB) has the collective Air Force Materiel Command (AFMC) mission responsibility to manage and execute the modernization, development, testing, production, fielding, and sustainment of the PEO Electronic Systems portfolio, which includes over 130 programs for the United States Air Force (USAF) and foreign allies. AFLCMC/PEO Electronic Systemsis headquartered at Hanscom Air Force Base, MA with geographically separated operating units CONUS and OCONUS.

REQUIRED QUALIFICATIONS / SKILLS

• Be a US Citizen
• Have an active Secret clearance
• Education Requriements:
  • Master's or Doctorate Degree, 10 years of experience, 5 of which must be in the DoD
  • OR, Bachelor's Degree, 12 years of experience, 5 of which must be in the DoD
  • OR, 15 years of directly related experience with proper certifications, 8 of which must be in the DoD
  • OR, GED and at least 5 years of experience in the respective profession being performed, 5 of which must be in the DoD
• The individual must have one of thefollowing certifications:
  • CISM
  • CISSO
  • FITSP-D
  • GCIA
  • GCSA
  • GCLD
  • GDSA
  • GICSP
  • CISSP-ISSAP, or
  • CISSP-ISSEP

Based on the DoD 8140 Security Architect Advanced position qualification options (https://cyber.mil/dcwf-work-role/security-architect).

• The indivuala must have extensive knowledge and/or experience in the following:
  • Commercial solutions for classified (CSfC) and/or NSA approval process
  • Cross domain solution (CDS) design and approval
  • Demonstrated experience with network architecture and design. Demonstrated experience with DoD networking preferably with or supporting a Joint Communications Support Element (JCSE)
  • Working knowledge of software defined networking (SDN)
  • DoD RMF implementation (including ATO, ATC and reciprocity)
  • Skilled in managing eMASS system packages
  • Working knowledge of administrating servers, system and application security threats and vulnerabilities
  • DISA Security Technical Implementation Guide (STIG) implementation.
  • Assured Compliance Assessment Solution (ACAS) tool usage.

RESPONSIBILITIES

The individual shall ensure that all system and application deliverables meet the requirements of all DoD and Air Force Cybersecurity policies.

To ensure that cybersecurity policy is implemented correctly on systems, Contractors shall ensure compliance with DoD and Air Force Certification and Accreditation policies, specifically Department of Defense Instruction (DoDI) 8510.01, Risk Management Framework (RMF) for DoD Information Technology, and AFI 33-210, The Risk Management Framework (RMF) for Air Force Information Technology.

Functions required to be performed by individuals in this specialty may include:

• Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and Air Force policies, i.e., Risk Management Framework (RMF).
• Recommending policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data.
• Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
• Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals.
• Conducting systems security evaluations, audits, and reviews.
• Recommending systems security contingency plans and disaster recovery procedures.
• Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
• Participating in network and systems design to ensure implementation of appropriate systems security policies.
• Facilitating the gathering, analysis, and preservation of evidence.
• Identify and Analyze risks and issues (including Operational Security (OPSEC) and Information Security (INFOSEC))
• Advising the Government on Cyber Security strategy(s) based on the system requirements and operating environment
• Proposing mitigations to protect all types of information from unauthorized access
• Assessing security events to determine impact and implementing corrective actions.
• Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.
• Perform the Information System Security Engineer (ISSE) duties in an Information Assurance Workforce System Architecture and Engineering (IASAE) position as outlined in AFI 33-200, AFI 33-210 and AFMAN 33-285 for assigned systems.
• Perform the Information System Security Manager (ISSM) duties as outlined in DoDI 8510.01 for assigned systems/applications.
• Perform the Information System Security Officer (ISSO) duties as outlined in DoDI 8510.01 for assigned systems/applications.
• Develop, review, analyze, and support the preparation of Program Protection Plans (PPP), Anti-Tamper Plans (ATPs), Cybersecurity Plans, IATT (Test) and/or Operation (ATO) Authorization, System Security Authorization Agreement (SSAA), System Security Plan, System Threat Assessments