Odyssey Systems has an exciting opportunity for a Cybersecurity Principal to support the Air Force Life Cycle Management Center/ISR SOF (AFLCMC/HB). The Air Force Program Execution Office for Intelligence, Surveillance, Reconnaissance and Special Operations (PEO ISR SOF)  has the collective Air Force Materiel Command (AFMC) mission responsibility to manage and execute the modernization, development, testing, production, fielding, and sustainment of the ISR SOF portfolio, which includes over 200 programs for the United States Air Force (USAF) and foreign allies. AFLCMC/PEO ISR SOF is headquartered at Wright Patterson Air Force Base, OH with geographically separated operating units CONUS and OCONUS.  This position supports the AWACS (E3) and Wedgetail (E7) Division; AFLMC (WIW).  The WIW Division located at Tinker AFB (OK), and Hanscom AFB (MA), with dispersed support at Eglin AFB, Seattle WA, San Antonio TX and several OCONUS positions.  

In this Advisory and Assistance Services (A&AS) role, you will provide expert-level support to Department of Defense (DoD) programs by assisting government leadership with decision-making, planning, and execution throughout the acquisition lifecycle. You will apply your technical and/or professional expertise to ensure compliance with applicable policies and regulations, contribute to mission success, and help deliver critical capabilities to the warfighter.

Duties include, but not limited to:

• Lead development and review of system security documentation including System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, and security CONOPS in accordance with DoDI 5000.02, DoDI 8510.01, MIL-STD-1785, and the Adaptive Acquisition Framework

• Support system and application Authorization & Accreditation (A&A) activities under the Risk Management Framework (RMF), ensuring completeness, quality, and compliance of all artifacts

• Manage RMF implementation activities including ATO/ATC, reciprocity, and ongoing continuous monitoring

• Administer and manage eMASS system packages

• Provide technical leadership in network and system architecture design with an emphasis on cybersecurity, including DoD and joint networking environments

• Support cross-domain solutions (CDS), Commercial Solutions for Classified (CSfC), and NSA approval processes

• Assess and mitigate system, network, and application vulnerabilities, including ACAS scanning and STIG implementation

• Recommend security configurations, software changes, and compensating controls to mitigate risk

• Conduct cybersecurity risk and vulnerability assessments across planned and fielded systems

• Develop risk-based mitigation strategies and advise leadership on security tradeoffs impacting mission execution

• Recommend and update cybersecurity policies, procedures, and contingency plans, including disaster recovery

• Support waivers and deviations for mandated security controls when required to meet mission performance needs

• Provide acquisition program security support throughout the system lifecycle, including source selections

• Maintain and audit classified information databases, visit records, clearance tracking, and classified holdings

• Evaluate contractor classified data submissions for compliance with System Security Classification Guides (SSCGs)

• Update security classification guides and prepare acquisition security documentation

• Advise government leadership on cybersecurity design, implementation, and compliance
• Collaborate with government and commercial stakeholders to achieve RMF authorization approvals
• Develop and deliver cybersecurity awareness and training programs
• Support Foreign Military Sales (FMS) activities and interface with U.S. Government and international partners

Citizenship: Must be a US citizen

Clearance: Must have and be able to maintain a Secret level clearance

Education: BA Degree in Technical Discipline/MS preferred

Years’ experience: 20 years of directly related experience, 10 years of which must be in the DoD 

Experience: 

• Understanding of cybersecurity in DoD cloud infrastructure
• Understanding of Agile methods, including CI/CD, DevSecOps, and DevOps
• Possess the ability to effectively communicate in both written and verbal forms on highly technical topics
• Ability to interface professionally with all levels of DOD and Foreign Civilian and Military  

In addition to the above requirements, contractor personnel filling Cybersecurity Principal positions must meet the following requirements:

Have one of the following certifications:

• CISM
• CISSO
• FITSP‐D
• GCIA
• GCSA
• GCLD
• GDSA
• GICSP
• CISSP‐ISSAP, or
• CISSP‐ISSEP

Have extensive knowledge and/or experience in the following:

• Commercial solutions for classified (CSfC) and/or NSA approval process
• Cross domain solution (CDS) design and approval
• Demonstrated experience with network architecture and design. Demonstrated experience with DoD networking preferably with or supporting a Joint Communications Support Element (JCSE)
• Working knowledge of software defined networking (SDN)
• DoD RMF implementation (including ATO, ATC and reciprocity)
• Skilled in managing eMASS system packages
• Working knowledge of administrating servers, system and application security threats and vulnerabilities
• DISA Security Technical Implementation Guide (STIG) implementation.
• Assured Compliance Assessment Solution (ACAS) tool usage.

Preferred experience:

• Bachelor's or Master's Degree in a professional engineering discipline from an ABET-accredited educational program along with a minimum of 25 years of experience in the respective technical/professional discipline being performed, 15 years of which must be in the DoD OR,
  • Master’s or Doctorate Degree in a related field and a minimum of 20 years of experience in the respective technical/professional discipline being performed, 12 years of which must be in the DoD.

Location:  Hanscom, AFB, position is currently Hybrid 2 days a week in office, however all candidates need to be prepared for 5 days a week in office

Travel: Travel up to 20% to CONUS and OCONUS locations is anticipated

On-Site

#LI-JG1