Odyssey Systems has an exciting opportunity for a Senior Cybersecurity Engineer providing support to the Command, Control, Communications (C3C)/Kessel Run division.

Kessel Run is an Air Force unit that delivers resilient command and control and targeting software capabilities that provide warfighters with decision advantage. Under the Department of the Air Force Program Executive Office for Command, Control, Communication, and Battle Management (DAF PEO C3BM), Kessel Run technologies make up the DAF BATTLE NETWORK, the systems-of-systems designed to help the Joint Force make operational decisions faster than our adversaries. The Division architects and acquires the means to connect weapon systems with warfighters and decision makers to enable the warfighter to win against the pacing challenge in an era of great power competition.

Duties include, but not limited to: 

• Conduct comprehensive security assessments and vulnerability assessments of internally developed and third0party applications.
• Perform and document software security evaluations, including code reviews, secure coding verification, and architectural security analysis.
• Utilize penetration testing tools and methodologies to identify and validate vulnerabilities.
• Develop and maintain threat models and execute security risk assessments to identify and mitigate potential threats.
• Evaluate system security controls, identify vulnerabilities, and propose effective mitigation strategies.
• Review applications against established vulnerability standards, such as the OWASP Top 10, and deliver prioritized remediation recommendations.
• Ensure all application and system deliverables align with DoD and Air Force cybersecurity policies, directives, and frameworks.
• Stay up to date with emerging security advisories, regulations, alerts, frameworks, and compliance standards including:
  •  ISO 27001
  •  NIST Cybersecurity Framework
  • DoD 8500 series
  • Risk Management Framework (RMF)
  • DIACAP / DIARMF equivalents
• Provide expert guidance on secure design principles, cloud security best practices, and container/Kubernetes security.
• Prepare detailed reports including:
  • Software assessment results
  • Vulnerability assessment findings
  • Risk mitigation and remediation plans

Citizenship: Must be a US citizen

Minimum Required Qualifications

Clearance: Must have and be able to maintain a Secret Level Clearance

Preferred Qualifications

Years of Experience: 10+ years of experience with 5+ years of experience in the DoD and must have 5+ years of experience in Level III application security, software development or IT Security

Certifications: CompTIA Sec+

• Understanding of multiple web development frameworks, including but not limited to (AngularJS, React, Django, and Spring)
• Understanding of Kubernetes container orchestration, networking concepts, and deployment strategies
• Experience with cloud computing concepts, architectures, and security best practices, including AWS

Additional Information

Location: Remote 

Travel: 10% travel may be required

#LI-KM1

Please Note: Final compensation for this position will be determined by various factors such as the Federal Government contract labor categories and contract wage rates, relevant work experience, specific skills and competencies, geographic location, education, and certifications.

This position is filled through continuous recruitment and will remain open until a sufficient pool of applications has been received.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, Tricare supplement, short-term disability, long-term disability, 401(k) match, flexible spending accounts, health savings accounts, employee assistance program, learning and development benefit, paid time off, and holidays.Odyssey Benefits