SENIOR CYBERSECURITY SPECIALIST

About The Position

Requirements

• U.S. Citizenship is required.
• B.S. in Cybersecurity, Computer Science, Information Systems, or related field (M.S. preferred).
• 12+ years securing DoD or IC C4ISR/avionics systems; at least 5 years as the lead cybersecurity engineer or ISSM.
• Active TS/SCI clearance.
• Hands‑on mastery of RMF, NIST 800‑53, DISA STIGs, SCAP/ACAS, and eMASS workflows.
• Experience designing or accrediting cross‑domain solutions and Type‑1 crypto architectures.
• Working knowledge of container security, IaC (Ansible/Terraform), and DevSecOps pipelines (Platform One, Iron Bank).

Nice To Haves

• DoD 8570/8140 IAM/IASAE Level III certification (CISSP‑ISSEP, CISM, GSLC, etc.).
• Prior involvement in ABMS, CJADC2, OMS/UCI, or tactical data‑link programs.
• Familiarity with zero‑trust enforcement for SATCOM, SDR, and software‑defined networking environments.
• Red‑team / pen‑test credentials (OSCP, GXPN, CEH) and experience authoring mitigations.
• Agile/Scrum or SAFe certification.

Responsibilities

• Own the PG Cybersecurity Strategy, System Security Plan (SSP), and Plan of Action & Milestones (POA&M).
• Align all efforts with NIST 800‑53, CNSSI 1253, and Air Force Zero‑Trust Reference Architecture.
• Chair cyber risk boards; brief metrics & burn‑downs to SES/GO stakeholders.
• Lead the PG Risk Management Framework (RMF) process from categorization through authorization; shepherd artifacts in eMASS.
• Stand up automated compliance scans (ACAS, SCAP, Nessus, Tanium) integrated with the DevSecOps pipeline; deliver continuous‑ATO dashboards.
• Embed S‑BOM analysis, container hardening, and code‑signing into Smith's 90‑day software release cadence.
• Evaluate third‑party components for supply‑chain threats; drive mitigations and waivers.
• Develop guard rulesets and data‑flow enforcement for Multi‑Level Security (MLS) cross‑domain solutions.
• Coordinate Type‑1 crypto key‑management plans with NSA; author KOV‑11 / SKL handling procedures.
• Conduct penetration tests and red‑team exercises on Integration SIL builds; track findings to closure.
• Draft and rehearse PG‑specific incident‑response / hunt‑forward playbooks for Watch operations.
• Generate 'cyber annexes' for AF Form 1067s, Safety‑of‑Flight packages, and Interim Authorizations To Test (IATT).
• Deploy secure configs on flight hardware; provide on‑site cyber assurance during ground & flight events.
• Coach engineers on secure‑by‑design principles, STIG implementation, and zero‑trust concepts.
• Foster a DevSecOps, fail‑fast mindset inside classified environments.

Benefits

• Medical insurance
• Dental insurance
• 401k
• Employee Stock Ownership Plan (ESOP)
• Paid Time Off (PTO)
• Education reimbursement
• Work/life balance programs
• Parental leave programs
• Other leave programs