Job DescriptionGeneral Summary:
Responsible for the AFLCMC/WLC, KC-46 Pegasus, maintenance and support of DoD and Air Force computing systems and networks (both unclassified and classified). This position requires the individual to obtain/maintain classified systems administrative privileges for SIPRNet and other systems. The individual shall perform system trusted downloads, burning classified Compact Discs (CDs), maintain and update host system patches, implement mandated system vulnerability mitigations and set up user accesses and accounts. Personnel shall demonstrate proficiency in currently utilized Windows Operating Systems (OS), Windows group policy objects, DoD Cybersecurity, National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), Endpoint Security System (SS)/Host-based Security System (HBS) and DoD Public Key Infrastructure (PKI).
Principal Duties and Responsibilities:
- Systems Security Engineering disciplines to include: Anti-Tamper, Trusted Systems & Networks, Cybersecurity, Hardware/Software/Firmware Assurance, Supply Chain Risk Management, Acquisition Security, Cyber Resiliency, and Information Protection.
- Support the Systems Engineer with program engineering milestone reviews, test planning, and certification and accreditation packages.
- Assist the Information Systems Security Manager (ISSM) and provide multi-discipline expertise covering project management, system security engineering, system administration, and network administration.
- Provide direct support to assure compliance to the most current revision of the Security Directives applicable to Platform Information Technology (PIT), PITI and non-PIT systems being supported. These include DoDI 8500.01, Cybersecurity, DoDI 8510.01, RMF for DoD IT, JSIG, NIST 800-53, and directives/guidance identified in DoDI 5000.02.
- Provide cybersecurity support to assigned systems and shall assist in developing, modifying, reviewing or coordinating items that include, but are not limited to: PIT determination package, cybersecurity strategy (formerly IAS), System Security Plan (SSP), system controls traceability matrix, risk assessment report, plan of action and milestones, security assessment plan, artifacts for program review and RFP.
- Review required program office artifacts and make recommendations to support cybersecurity RMF analysis.
- Assist in managing, planning, documenting and conducting Independent Verification and Validation (IV&V) of security requirements for weapon systems.
- Assist in performing cybersecurity site audits to verify architecture analysis, cybersecurity requirements and controls, verify mitigation actions, witness cybersecurity testing and evaluation, and to support final approval for Interim Authority to Test (IATT), Interim Authority To Operate (IATO), Authority To Operate (ATO), and/or Authority To Connect (ATC).
- Assist in identifying the Software Assurance (SWA) pedigree (including platform software) and QA issues and documenting the results.
- Assist the Government in conducting Supply Chain Risk Management (SCRM).
- Assist in developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents including but not limited to the acquisition strategy, SEP, PPP, and SSP.
Required Experience- Bachelor's degree or higher in technical related field
- Minimum of 12 years of related experience
- Ability to clearly present and communicate technical approaches and findings.
- Ability to obtain one of the following certifications within 6 months of hire: Information Assurance Technical [IAT], Information Assurance Manager [IAM], Information Assurance System Architects and Engineering [IASAE], or CSSP.
- Apply an understanding of DoD, AF, and common engineering/scientific principles, processes, and procedures to improve performance and sustainability of existing and future AF and joint service weapon systems.
- U.S. Citizenship required; Active Secret Clearance required to start; Ability to obtain and maintain a TS/SCI Security clearance required.
Preferred Qualifications:
- Active TS/SCI Clearance
- Active Security+ Certification
Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
