Systems Cybersecurity Engineer

About The Position

Requirements

• Citizenship: Must be a US Citizen
• Clearance: Must have and be able to maintain a Top-Secret Security Clearance
• Certification: DoD IAM Level I (CAP, CND, Cloud+, GSLC, Security+ CE, CISSP)
• Education: High School Diploma
• Years of Experience: 15 years’ directly related experience with proper certifications as described in the functionally aligned job description, 8 of which must be in the DoD; OR,
• BA/BS degree and 12 years of experience in the respective technical/professional discipline being performed, 5 of which must be in the DoD; OR,
• MA/MS degree and 10 years of experience in the respective technical/ professional discipline being performed, 5 of which must be in the DoD
• Possesses the advanced knowledge, experience and recognized ability to be considered an expert in their technical/professional field.
• Possess the ability to perform tasks and oversee the efforts of junior and mid-level personnel.
• within the technical/professional discipline.
• Demonstrate advanced knowledge of their technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures and practices in their area of expertise.

Nice To Haves

• Certification: DoD IAM Level II/III (CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO,)
• Education: BA/BS degree
• Years of Preferred Experience: 10 years of experience in the respective technical/professional discipline being performed, 5 years of which must be in the DoD

Responsibilities

• Labor provided to deliver cybersecurity services are certified in accordance with DoDI 8140.02, DoD 8570.01-M and AFMAN 17-1303 standards. (CDRL A001)
• Ensure that all system deliverables comply with NIST SP 800-53, Risk Management Framework as incorporated and directed in DoD and Air Force/Space Force cybersecurity policy, specifically DoDI 8500.01, Cybersecurity, AFI 33-200, Air Force Cybersecurity Program Management, and AFI 17-101, Risk Management Framework (RMF) For Air Force Information Technology (IT).
• Ensure that cybersecurity policy is implemented correctly on covered systems in the maintenance of Authority to Operate (ATOs).
• Ensure compliance with DoD and Air Force Certification and Accreditation policies, specifically Department of Defense Instruction (DoDI) 8510.01, Risk Management Framework (RMF) for DoD Information Technology, and AFI 33-210, The Risk Management Framework (RMF) for Air Force Information Technology.
• Direct the discovery, monitoring, and elimination or mitigation of both known and unknown vulnerabilities that could compromise the confidentiality, integrity, or availability of the information being processed, stored, or transmitted by covered systems and maintain eMASS Programs of Action and Milestones (POA&M) for same, to include DISA STIGs and the DoD IAVA/IAVM process.
• Conduct Cybersecurity Risk Management for additions/changes to all systems via the Security Impact Assessment (SIA) process
• Develop a focused approach in the continual improvement of processes and producers to manage the RMF packages in Enterprise Mission Assurance Support Service (eMASS), Xacta and SGN/CORE.
• Design/Security Test & Evaluation (ST&E) Requirements RMF Control identification, to include building implementation plans and validation plans, assist with the entry and review of entered information to the Information Technology Investment Portfolio Suite (ITIPS), assist with the preparation and review of Federal Information Security Modernization Act documentation.
• The cybersecurity SME encompasses the full range of cyber security and information security processes, procedures, and functions, to include reviewing data, maintaining/implementing and compliance notification of required IAVAs, NOTAMs and cybersecurity posture for systems.
• SME support includes advising division leadership on architecture mitigations to limit risk posture within the systems, and represent the risk posture in briefings and slides to DoD Chief Information Officer, Headquarters USSF and USSTRATCOM; utilize National Institute of Standards and Technology (NIST) 800 series special publications in the development of new system artifacts to ensure.

Benefits

• Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, Tricare supplement, short-term disability, long-term disability, 401(k) match, flexible spending accounts, health savings accounts, employee assistance program, learning and development benefit, paid time off, and holidays.
• Odyssey Benefits