Provide Cyber Security Engineering support to the Air Force Weather Systems Branch, which is within the Battle Management Directorate (AFLCMC/HB) at Hanscom AFB, MA.
Bachelor’s Degree in a related technical discipline.
A minimum of 5 years work experience, with experience on DoD or Air Force acquisition programs desirable.
Per DoD 8570, must have a current Security+ certification. CISSP certification is desirable.
Candidate should have proficiency in the RMF process and be able to use eMASS.
Candidate must have an active US security clearance.
Ensure engineering activities (analysis, design, implementation, maintenance, and monitoring) best meets (as resources allow) established requirements (e.g., RMF, DISA Security Technical Implementation Guide (STIGs), CYBERCOM and AF Network Orders).
Implements Risk Management Framework through implementation and assessment of security controls within eMASS.
Maintains Plan of Action and Milestones (POA&M) for information systems and programs.
Reviews DISA STIGs and Network Scans (ACAS/NESSUS) for vulnerabilities and secure configurations; provides feedback to Information System Security Manager (ISSM), Program Manager (PM) or Program Staff as necessary.
Responsible for ensuring information systems are secure and that data maintained in these systems is protected from unauthorized access.
Evaluate all COTS products (hardware and software) to ensure they meet current information assurance standards and that security patches released by OEMs are installed and verified.
Evaluate current status of potential information system threats from casual intrusion to intrusions meant to permanently or irreparably degrade system performance of protection.
Interpret and analyze processing anomalies in major complex engineering systems and take corrective action.
Develop, review, and refine Continuity of Operations (COOP) package documentation and related artifacts.
Perform validation of systems, including development of criteria and procedures.
Develops, reviews, and approves plans, schedules, and other technical documentation.