Cybersecurity ISSO (Journeyman)

About The Position

Requirements

• U.S. Citizenship
• Bachelor’s or Master’s Degree in a related field and at least three years of experience in the respective technical/professional discipline being performed, three of which must be in the DoW OR Seven years of directly related experience with proper certifications, five of which must be in the DoW.
• Must have the knowledge, experience and demonstrated ability to perform tasks related to the technical/professional discipline they are performing.
• Typically works independently and applies the proper procedures and processes related to their area of expertise.
• Must have the ability to problem solve and troubleshoot various situations to develop successful outcomes within established program/project guidelines.
• Work is performed independently or under the oversight of more senior contractor employees (Program Office and Staff Level Support interface).
• All Cybersecurity professionals should possess experience providing guidance on the following to include, but not limited to: Access control. Configuration management. System and communications protection. Contingency planning. Incident handling. System and information integrity. Security and privacy training and awareness; and, Software development activities, software and tools related to Cybersecurity.
• Experience performing cybersecurity duties as outlined in DoWI 8500.01, AFI 17-130, and AFI 17-1301 for assigned AF IT.
• Experience validating, evaluating and analyzing finding results and developer adjudications using automated testing tools, e.g., Fortify, Checkmarx, SonarQube, and AppScan.
• Experience utilizing DoD tracking systems to input/document cybersecurity deficiencies, vulnerabilities, and change requests in the appropriate tracking system for each program, e.g., Jira, HP ALM, and eMASS.
• Experience with conducting information security continuous monitoring (ISCM) by maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions IAW approved ISCM strategy.
• Must have the ability to problem solve and troubleshoot various situations to develop successful outcomes within established program/project guidelines.
• Must perform work independently or under the oversight of more senior contractor employees (Program Office and Staff Level Support interface).
• At a minimum, the successful candidate will meet the requirements for and maintain a personnel certification associated with the DCWF ISSO work role (722) at an intermediate (journeyman) proficiency level as outlined in DoWI 8510.01, AFMAN 17-1305 and AFI 17-101 for assigned systems/applications: (ISC)2 CGRC/CAP CompTIA CASP+ (ISC)2 CCSP CompTIA Cloud+ (ISC)2 SSCP CompTIA Security+ CE (GIAC) GSEC
• Must have and maintain a T3/Secret security clearance.

Responsibilities

• Provide the PMO/Capability Development Manager (CDM) cybersecurity support per DoWI 8500.01.
• Ensures the appropriate operational security posture is maintained for the assigned IT.
• Implements and enforce all AF cybersecurity policies, procedures, and countermeasures.
• Completes and maintains required cybersecurity certification IAW AFMAN 17-1303.
• Ensures all users have the requisite security clearances and need-to-know, complete annual cybersecurity training, and are aware of their responsibilities before being granted access to the IT according to AFMAN 17-1301.
• Maintains all authorized user access control documentation IAW the applicable AF Records Information Management System.
• Ensures software, hardware, and firmware complies with appropriate security configuration guidelines, e.g., security technical implementation guides/security requirement guides.
• Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.
• Coordinate changes or modifications with the system-level ISSM, SCA, and/or the Wing Cybersecurity office.
• Initiates protective or corrective measures, in coordination with the ISSM, when a security incident or vulnerability is discovered.
• Reports security incidents or vulnerabilities to the system-level ISSM and wing cybersecurity office according to AFI 17-203, Cyber Incident Handling; and,
• Initiates exceptions, deviations, or waivers to cybersecurity requirements.

Benefits

• ESOP participation
• 401(k) match and safe-harbor contribution
• medical, dental, vision, life insurance, short-term disability, long-term disability
• flexible spending accounts, Health Saving Accounts and Health Reimbursement Accounts
• EAP
• education assistance
• paid time off
• holidays