Overview
Cybersecurity Specialist
Be the Difference
Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, Test And Evaluation, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S.
Astrion has an exciting opportunity for an F-15 Cybersecurity Specialist for the F-15 System Program Office within Astrion’s Air Force Division, F-15 Division OFP/Special Projects Branch.
JOB DETAILS
LOCATION: Dayton, Ohio
JOB STATUS: FT
TRAVEL: 15% or <
REQUIRED QUALIFICATIONS / SKILLS
- BS degree in a computer science or engineering discipline
- Minimum of 10 years of security engineering experience
- CISSP required
- Current Required Security Clearance: Top Secret
DESIRED QUALIFICATIONS / SKILLS
- Independently demonstrate proficiency in the use of Microsoft Office Applications (Outlook, Word, Excel, PowerPoint, SharePoint, Skype/Lync, and MS Teams), Adobe Acrobat, and applications for access to the World Wide Web including MS Internet Explorer. The Contractor may be required to learn to use other commercial or specialized computer applications as specified in this PWS.
- Possess knowledge of anti-tamper/certification and accreditation engineering in support of the following system security/Information Assurance (IA) tasks:
- CPI/CT identification;
- Threat and vulnerability analysis;
- Risk identification and management;
- Cost analysis;
- Program engineering milestone reviews;
- DoD RMF and/or PIT processes;
- SSP development;
- working group, and;
- Developing/coordinating (with program office personnel, certification authority,
- designated approval authority, Air Force Operational Test and Evaluation Center and
- operational command personnel) presentations and IATT, and ATO packages.
RESPONSIBILITIES
- The Contractor shall be designated as the F-15 ISSM and Information Systems Security Engineer (ISSE) or assist the already designated F-15 ISSM and ISSE.
- Provide multi-discipline expertise covering program management and system security engineering combined with extensive F-15 systems and configuration experience.
- Responsible for maintaining the overall cybersecurity posture of the F-15 platform systems, and are accountable for the implementation of DoD 8510.01.
- Act as the cybersecurity technical advisor to the aircraft and SAP Authorizing Official (AO) for all F-15 Platform Information Technology (PIT) systems under their purview, ensuring all cybersecurity-related events/configuration changes that may impact F-15 platform system authorizations or security posture are formally reported to the AO and other affected parties.
- Support the development, execution, and maintenance of the F-15 system-level cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures.
- Provide direct support to assure compliance to the most current revision of the cybersecurity directives applicable to PIT, PIT Interface and non-PIT systems being supported. These include DoDI 5205.11, DoDM 5205.07, DoDI 8500.01 Cybersecurity, DoDI 8510.01, RMF for DoD IT, JSIG, NIST 800-53, AFI 17-101, AFI 33-200, and directives/ guidance identified MIL-HDBK-516B Expanded.
- Provide cybersecurity support to assigned systems and shall develop, modify, review or coordinate items that include, but are not limited to, PIT determination package, cybersecurity strategy, cybersecurity impact assessment, cybersecurity system categorization, Architecture Analysis Report (AAR), System Security Plan (SSP), System Controls Traceability Matrix (SCTM), Risk Assessment Report (RAR), Plan of Action and Milestones (POA&M), SAP, artifacts for program review and RFP.
- The Contractor shall execute the cybersecurity RMF to support Assessment and Authorization (A&A) of assigned systems.
- Review required F-15 Division and program office artifacts and make recommendations to support cybersecurity RMF analysis. In order to support development systems and upgrades to sustainment systems going through various experimental tests, Developmental Tests (DT), and Operational Tests (OT), the Contractor shall review, provide analysis and submit for approval Interim Authority to Test (IATT) packages on behalf of PMs.
- Review and coordinate approval for sanitization and declassification plans and/or procedures and perform mission-based cyber risk assessments and security impact assessments on assigned systems, modifications, and interconnections as well as support approval decisions, the Contractor shall develop an A&A package and presentation for each required system, consisting of PIT A&A approvals currently consist of the following: IATT, Authority to Operate (ATO), and Authority to Connect (ATC).
- Assist in managing, planning, documenting and conducting Independent Verification and Validation (IV&V) of security requirements for weapon systems and evaluate the technical implementation of the security design to ascertain that security software, hardware and firmware features affecting confidentiality, integrity, availability, accountability and non-repudiation have been implemented as documented in the JSIG, DoDI 8500.01, DoDI 8510.01, and NIST 800-53, and that the features perform properly in addition to documenting and reporting IV&V test plans, results, anomaly reports, recommendations, activity reports and other special reports as required.
- Perform cybersecurity site audits to verify architecture analysis, cybersecurity requirements and controls, verify mitigation actions, witness cybersecurity T&E, and to support final approval for ATO, and/or ATC as well as documenting and reporting cybersecurity site audit findings and recommendations to the program office and/or security Cognizant Authority (CA).
- Conduct Software Assurance (SWA) risk assessments and assist the Government in conducting Supply Chain Risk Management (SCRM). The Contractor shall assist in developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents (e.g., SEP, PPP, and SSP).
- Review and make recommendations to the systems engineering SI certifying officials regarding CT requiring protection, PPP, SI plans, techniques, threats/vulnerabilities, risk and results. The Contractor shall monitor and evaluate SI efforts for impacts to the program and provide recommendations to the Government. The Contractor shall the F-15 Division systems engineering team and the SI DoD executive agent to produce one.
- Assist the Government with OSS&E and CNS/ATM airworthiness assessment for certification to ensure that DoD aircraft are safe and that they meet the requirements of the Federal Aviation Administration in the U.S. and the International Civil Aviation Organization. The Contractor shall submit written reports including, but not limited to,technical evaluation reports, white papers, and comment matrices on the above technical areas to the Government.
What We Offer
- Competitive salaries
- Continuing education assistance
- Professional development allotment
- Multiple healthcare benefits packages
- 401K with employer matching
- Flexible time off (FTO) along with a federally recognized holiday schedule
Who We Are
At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to “Be the Difference”. This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves.
We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and pushing the boundaries of what’s possible. We promote collaboration and empowering our teams is at the core of our success.
Join Astrion and Be the Difference in your career and the world!
Astrion is an Equal Employment Opportunity/Affirmative Action Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
“Dayton Employment Opportunities”
#Dice