DoD Cybersecurity Lead
Guidehouse - dayton, OH
Apply NowJob Description
Job Family : Operational Effectiveness Travel Required : Up to 10% Clearance Required : Active Secret What You Will Do : This position is for a DoD Cybersecurity Lead supporting the Air Force Life Cycle Management Center. Overall duties include applying knowledge and experience in Systems Security Engineering (SSE) disciplines to include: Anti-Tamper, Trusted Systems & Networks, Cybersecurity, Hardware/Software/Firmware Assurance, Supply Chain Risk Management, Acquisition Security, Cyber Resiliency, Information Protection, Critical Program Information (CPI) Identification, Critical Component Identification, Threat and Vulnerability Analysis, Test & Evaluation, and Risk Identification and Management. Responsible for the maintenance and support of DoD and Air Force computing systems and networks (both unclassified and classified). This position will require the individual to obtain/maintain classified systems administrative privileges for SIPRNet and other systems. Perform system trusted downloads, burning classified Compact Discs (CDs), maintain and update host system patches, implement mandated system vulnerability mitigations and set up user accesses and accounts. Personnel shall demonstrate proficiency in currently utilized Windows Operating Systems (OS), Windows group policy objects, DoD Cybersecurity, National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), Endpoint Security System (SS)/Host-based Security System (HBS) and DoD Public Key Infrastructure (PKI). Assist the Information Systems Security Manager (ISSM) and provide multi-discipline expertise covering project management, system security engineering, system administration, and network administration. Provide direct support to assure compliance to the most current revision of the Security Directives applicable to Platform Information Technology (PIT), PITI and non-PIT systems being supported. These include DoDI 8500.01, Cybersecurity, DoDI 8510.01, RMF for DoD IT, JSIG, NIST 800-53, and directives/guidance identified in DoDI 5000.02. Provide cybersecurity support to assigned systems and shall assist in developing, modifying, reviewing or coordinating items that include, but are not limited to: PIT determination package, cybersecurity strategy (formerly IAS), System Security Plan (SSP), system controls traceability matrix, risk assessment report, plan of action and milestones, security assessment plan, artifacts for program review and RFP. Assist in executing the cybersecurity RMF to support Assessment and Authorization (A&A) of assigned systems. Review required program office artifacts and make recommendations to support cybersecurity RMF analysis. Review and assist in coordinating approval for sanitization and declassification plans and/or procedures. Assist in performing vulnerability, threat, and risk assessments, and security impact assessments on assigned systems, modifications, and interconnections. Assist in developing an A&A report and an A&A presentation for each required system to support approval decisions. Assist in managing, planning, documenting, and conducting Independent Verification and Validation (IV&V) of security requirements for weapon systems. Assist in evaluating the technical implementation of the security design to ascertain that security software, hardware and firmware features affecting confidentiality, integrity, availability, accountability and non-repudiation have been implemented as documented in the Director of Central Intelligence Directive (DCID) 6/3, JSIG, DoDI 8500.01, DoDI 8510.01, and NIST 800-53, and that the features perform properly. Assist in documenting and reporting IV&V test plans, results, anomaly reports, recommendations, activity reports and other special reports as required. Assist in performing cybersecurity site audits to verify architecture analysis, cybersecurity requirements and controls, verify mitigation actions, witness cybersecurity testing and evaluation, and to support final approval for Interim Authority to Test (IATT), Interim Authority To Operate (IATO), Authority To Operate (ATO), and/or Authority To Connect (ATC). Assist in documenting and reporting cybersecurity site audit findings and recommendations to the program office and/or Security Certification Authority (CA). Assist in identifying the Software Assurance (SWA) pedigree (including platform software) and QA issues and documenting the results. Assist in performing software security analyses to assess the vulnerabilities and risks. The results should be documented and reported to the PM and the Security CA. Assist with developing an approach for performing operational SWA sensitivity analysis. Assist with developing SWA test metrics for inputs to the TEMP. Provide technical assistance and support to perform the cybersecurity strategy tasks required by DoD and AF acquisition, cyber, science and technology, test, or other directives. Perform RMF-related activities including the development, coordination, revision, and publication of RMF-required documents. Provide subject matter expertise as needed to the directorate's capability development planning activities conducted under AFI 61-101, Management of Science and Technology. What You Will Need: An ACTIVE and MAINTAINED SECRET federal security clearance with the ability to obtain a TOP SECRET/SCI Bachelor's Degree SIX (6) or more years of relevant Cyber Security experience Possess a Certified Information Systems Security Professional (CISSP) certification A strong knowledge understanding DoD Cyber Security policies and procedures Experience applying cyber security within the DoD and USAF weapon systems What Would Be Nice to Have: An ACTIVE and MAINTAINED TOP SECRET/SCI federal security clearance Understanding of the DoD and USAF acquisition organizations Experience working with Microsoft Excel, Word, PowerPoint, SharePoint, and Project Knowledge of Aircraft Avionics What We Offer : Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace. Benefits include: Medical, Rx, Dental & Vision Insurance Personal and Family Sick Time & Company Paid Holidays Position may be eligible for a discretionary variable incentive bonus Parental Leave and Adoption Assistance 401(k) Retirement Plan Basic Life & Supplemental Life Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts Short-Term & Long-Term Disability Student Loan PayDown Tuition Reimbursement, Personal Development & Learning Opportunities Skills Development & Certifications Employee Referral Program Corporate Sponsored Events & Community Outreach Emergency Back-Up Childcare Program Mobility Stipend About Guidehouse Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation. Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco. If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation. Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.
Created: 2024-11-05