Cybersecurity SME

Astrion
$175-$185,000
United States, Massachusetts, Bedford
Feb 06, 2026
Overview

Cybersecurity SME

LOCATION: Hanscom AFB, Bedford, MA

Salary Range: $175-$185,000 annually

JOB STATUS: Full-time

CLEARANCE: SECRET

CERTIFICATION: Yes, see list below

TRAVEL: ~20% CONUS and OCONUS

Astrion has an exciting opportunity for a Cybersecurity Principal located at Hanscom AFB in Bedford, Massachusetts, to support the Air Force Life Cycle Management Center/PEO Electronic Systems (AFLCMC/ES). The Air Force Program Execution Office for Electronic Systems (AFPEO/ES) has the collective Air Force Materiel Command (AFMC) mission responsibility to manage and execute the modernization, development, testing, production, fielding, and sustainment of the PEO Digital portfolio, which includes over 130 programs for the United States Air Force (USAF) and foreign allies. AFLCMC/PEO Electronic Systems is headquartered at Hanscom Air Force Base, MA, with geographically separated operating units CONUS and OCONUS.

This is a full-time position located at Hanscom AFB. The position will travel to OCONUS and CONUS locations, including the Middle East (currently the Nation of Qatar, but other OCONUS locations may also be supported).

QUALIFICATIONS / SKILLS:

  • Citizenship: Must be a US citizen
  • Clearance: Must have and be able to maintain a Secret Level Clearance

  • Education: BA Degree in Technical Discipline/MS preferred

  • Years of Experience: 20 years of directly related experience, 10 years of which must be in the DoD

    • Proficiency in:
      • Understanding of cybersecurity in DoD cloud infrastructure
      • Understanding of Agile methods, including CI/CD, DevSecOps, and DevOps
      • Possess the ability to effectively communicate in both written and verbal forms on highly technical topics
      • Ability to interface professionally with all levels of DoD and Foreign Civilian and Military
  • Certifications: Have one of the following certifications:
    • CISM
    • CISSO
    • FITSP-D
    • GCIA
    • GCSA
    • GCLD
    • GDSA
    • GICSP
    • CISSP-ISSAP, or
    • CISSP-ISSEP
  • Have extensive knowledge and/or experience in the following:
    • Commercial solutions for classified (CSfC) and/or NSA approval process
    • Cross domain solution (CDS) design and approval
    • Demonstrated experience with network architecture and design. Demonstrated experience with DoD networking preferably with or supporting a Joint Communications Support Element (JCSE)
    • Working knowledge of software defined networking (SDN)
    • DoD RMF implementation (including ATO, ATC and reciprocity)
    • Skilled in managing eMASS system packages
    • Working knowledge of administrating servers, system and application security threats and vulnerabilities
    • DISA Security Technical Implementation Guide (STIG) implementation.
    • Assured Compliance Assessment Solution (ACAS) tool usage.

PREFERRED QUALIFICATIONS / SKILLS:

  • Bachelor's or Master's Degree in a professional engineering discipline from an ABET-accredited educational program along with a minimum of 25 years of experience in the respective technical/professional discipline being performed, 15 years of which must be in the DoD OR,
    • Master's or Doctorate Degree in a related field and a minimum of 20 years of experience in the respective technical/professional discipline being performed, 12 years of which must be in the DoD.

RESPONSIBILITIES:

In this Advisory and Assistance Services (A&AS) role, you will provide expert-level support to Department of Defense (DoD) programs by assisting government leadership with decision-making, planning, and execution throughout the acquisition lifecycle. You will apply your technical and/or professional expertise to ensure compliance with applicable policies and regulations, contribute to mission success, and help deliver critical capabilities to the warfighter.

Duties include, but are not limited to:

Cybersecurity & RMF Support
  • Lead development and review of system security documentation including System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, and security CONOPS in accordance with DoDI 5000.02, DoDI 8510.01, MIL-STD-1785, and the Adaptive Acquisition Framework

  • Support system and application Authorization & Accreditation (A&A) activities under the Risk Management Framework (RMF), ensuring completeness, quality, and compliance of all artifacts

  • Manage RMF implementation activities including ATO/ATC, reciprocity, and ongoing continuous monitoring

  • Administer and manage eMASS system packages

System, Network & Infrastructure Security
  • Provide technical leadership in network and system architecture design with an emphasis on cybersecurity, including DoD and joint networking environments

  • Support cross-domain solutions (CDS), Commercial Solutions for Classified (CSfC), and NSA approval processes

  • Assess and mitigate system, network, and application vulnerabilities, including ACAS scanning and STIG implementation

  • Recommend security configurations, software changes, and compensating controls to mitigate risk

Risk, Compliance & Policy
  • Conduct cybersecurity risk and vulnerability assessments across planned and fielded systems

  • Develop risk-based mitigation strategies and advise leadership on security tradeoffs impacting mission execution

  • Recommend and update cybersecurity policies, procedures, and contingency plans, including disaster recovery

  • Support waivers and deviations for mandated security controls when required to meet mission performance needs

Program Security & Classified Information Support
  • Provide acquisition program security support throughout the system lifecycle, including source selections

  • Maintain and audit classified information databases, visit records, clearance tracking, and classified holdings

  • Evaluate contractor classified data submissions for compliance with System Security Classification Guides (SSCGs)

  • Update security classification guides and prepare acquisition security documentation

Leadership, Collaboration & Training
  • Advise government leadership on cybersecurity design, implementation, and compliance
  • Collaborate with government and commercial stakeholders to achieve RMF authorization approvals
  • Develop and deliver cybersecurity awareness and training programs
  • Support Foreign Military Sales (FMS) activities and interface with U.S. Government and international partners