Senior Cybersecurity Specialist
Overview:
Senior Cybersecurity Specialist
Be the Difference
Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S.
Job Title:
EPASS GBS.017.018.047 Cybersecurity (ISSM - Senior)
Location:
Dayton, OH- Dayton, OH US Ohio
- Wright Patterson AFB
- Dayton, OH 45324 US (Primary)
Job Description:
Astrion has an exciting opportunity for a Cybersecurity Engineer (ISSM) located at Wright-Patterson Air Force Base in Dayton, Ohio to support three programs our EPASS GB contract. As part of the AFLCMC/GB Business and Enterprise Systems Directorate (BES), the Logistics Management Data Bank (LMDB) is comprised of two sub-systems: Automated Budget Compilation System (ABCS) and Logistics Reassignment (LR).ABCS collects, organizes and integrates data from AF legacy systems to provide Financial Management reports for the Secretary of the AF (SAF). ABCS provides a system to adjust and track spares requirements regarding buy and repair budgets. Termination actions are provided a reason code and reports are provided.
ABCS functionality supports Consolidated Support Activity Group (CSAG) Supply budget formation, depot maintenance workload planning, tracking of on-order excess and Performance Based Logistics (PBL) contractual requirements definition for weapon systems.
LMDB manages approximately 75K items with an estimated buy and repair budget of $5B. Logistics Reassignment (LR) capabilities include the generation of the cataloging transactions and data required to transfer items management responsibility to the Defense Logistics Agency (DLA).
LR provided transactions to enable DLA to register items, delete obsolete records, maintain existing records, identify exceptions and monitor engineering support of weapon system items.
The Air Force Distribution Standard System (AF DSS) is an Office of the Secretary of Defense (OSD) directed shipping/receiving/storing system mandated to provide Positive Inventory Control (PIC) of all AF-owned Nuclear Weapons Related Material (NWRM) processed at the Depot level.AF DSS passes critical financial and logistical (item management) data to D035K (Wholesale and Retail Receiving/Shipping System – WARRS) which then passes the data to D035J (Financial Inventory Accounting and Billing System – FIABS), thus impacting accounting and auditable records of NWRM.
AF NWRM items are stored in multiple locations, but the only AF Wholesale (Depot Level) storage/repair facility for AF NWRM is located at the NWRM Storage Facility (NSF), Hill AFB, Ogden, UT.
The Contractor Supported Weapon System Data Exchange (CSWS DE) is the only capability the AF has to obtain data from contractor databases to populate AF systems. CSWS DE facilitates data between the Contractor Inventory Control Points (CICPs) and AF legacy systems that do not allow direct commercial access.This enables contractors to input and view, with Government concurrence, needed information. It is automated web-based tech solution to collect spares, parts usage, failure rate and pipeline data from contractors and pass that data to Government legacy systems.
This provides asset visibility from forward operating locations to supply systems, to contractor and perhaps to supplier inventories. Spares Support IPT have on-line edit and query capabilities and users visibility of spares and usage data via the internet.
Introduction: CSWS DE was an AF/A4LR initiative to provide visibility of contractor controlled weapon system item usage data during all phases of operational use. This data enhances the Government's position in determining the spares requirements at the transition point decision to continue with contractor Contract Logistics Support (CLS).
ESSENTIAL DUTIES/POSITION DESCRIPTION:
The successful candidate will provide the PMO/Capability Development Manager (CDM) cybersecurity support per DoDI 8500.01. Support includes assessing and continuously monitoring cybersecurity risk ensuring that legacy and new capabilities adhere to enterprise standards such as Risk Management Framework (RMF), Cybersecurity Framework (CSF), and National Institute of Standards and Technology (NIST) and per Authorization Official’s Information System’s Continuous Monitoring (ISCM) strategy.
The ISSM is the primary cybersecurity technical advisor to the AO, PM, and ISO. The ISSM ensures the integration of cybersecurity into, and throughout, the lifecycle of the IT, on behalf of the AO and in accordance with DoDI 8510.01 for the following:
- Completes and maintains required cybersecurity certification IAW AFMAN 17-1303;
- Ensures all AF IT cybersecurity-related documentation is current and accessible to properly authorized individuals;
- Supports the PM or ISO in maintaining current authorization to operate, approval to connect (if required), and implementing corrective actions identified in the plan of actions and milestones;
- Coordinates, with the PM and AO staffs, development of an ISCM strategy and monitors any proposed or actual changes to the system and its environment;
- Continuously monitors the IT and environment for security-relevant events;
- Assesses proposed configuration changes for potential impact to the cybersecurity posture;
- Assesses the quality of security controls implementation against performance indicators;
- Ensures cybersecurity-related events or configuration changes that impact AF IT authorization or adversely impact the security posture are formally reported to the AO and other affected parties, such as IOs, stewards, and AOs of interconnected IT;
- Ensures all ISSOs and privileged users receive necessary technical training and obtain cybersecurity certification IAW AFMAN 17-1301, Computer Security (COMPUSEC), AFMAN 17-1303, and maintain proper clearances IAW DoDI 8500.01; and,
- Ensures the AF IT is acquired, documented, operated, used, maintained, and disposed of properly IAW DoDI 5000.02 and DoDI 8510.01.
Job Requirements:
The Information Systems Security Manager (ISSM) has the knowledge, experience and recognized ability to be considered highly skilled in their technical/professional field. Possesses the ability to perform tasks independently and oversee the efforts of junior and journeyman contractor personnel within the technical/professional discipline.Demonstrates advanced knowledge of their technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures and practices in their area of expertise (Program Office, Enterprise and Staff Level Support interface).
All Cybersecurity professionals should possess experience providing guidance on the following to include, but not limited to:
- Access control.
- Configuration management.
- System and communications protection.
- Contingency planning.
- Incident handling.
- System and information integrity.
- Security and privacy training and awareness; and,
- Software development activities, software and tools related to Cybersecurity.
- Experience performing cybersecurity duties as outlined in DoDI 8500.01, AFI 17-130, and AFI 17-1301 for assigned AF IT.
- Experience validating, evaluating and analyzing finding results and developer adjudications using automated testing tools, e.g., Fortify, Checkmarx, SonarQube, and AppScan.
- Experience utilizing DoD tracking systems to input/document cybersecurity deficiencies, vulnerabilities, and change requests in the appropriate tracking system for each program, e.g., Jira, HP ALM, and eMASS.
- Experience with conducting information security continuous monitoring (ISCM) by maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions IAW approved ISCM strategy.
EDUCATION:
Master's or Doctorate Degree in a related field and ten years of experience in the respective technical/professional discipline being performed, five years of which must be in the DoD OR, Bachelor's Degree in a related field and 12 years of experience in the respective technical/professional discipline being performed, five of which must be in the DoD
OR, 15 years of directly related experience with proper certifications as described in the PWS labor category performance requirements, eight of which must be in the DoD.
CERTIFICATION REQUIREMENTS:
At a minimum, the successful candidate will meet the requirements for and maintain an IAM Level III Cybersecurity certification by possessing at least one of the following certifications as directed by DoD 8140 and outlined in DoD 8570.01 -M, Appendix3, Table 2,2 AFMAN 17-1303:
- ISACA CISM
- (ISC)^2 CISSP
- GIAC GSLC
- EC Council CCISO
Additional Desired Certifications:
- Certified SCRUM Master
- Other Agile Certifications
OTHER QUALIFICATIONS:
Candidate must be a US Citizen
Candidate must possess and be able to maintain a T3/Secret Clearance
The following skills are highly desirable but not required for this position:
- Working knowledge of the Agile Development methodology
- Experience using any, or all, of the following tools (Desired):
- CheckMarx
- SonarQube
- Jira
- Confluence
- Mavin
- Jenkins
- Bitbucket
- Competitive salaries
- Continuing education assistance
- Professional development allotment
- Multiple healthcare benefits packages
- 401K with employer matching
- Paid time off (PTO) along with a federally recognized holiday schedule
Who We Are
At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to “Be the Difference”. This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves.
We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and pushing the boundaries of what’s possible. We promote collaboration and empowering our teams is at the core of our success.
Join Astrion and Be the Difference in your career and the world!
Astrion is an Equal Employment Opportunity/Affirmative Action Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
#DICE
#CJ
#MON
#LI-SD1
#CJ #MON