Apogee has an exciting new opportunity for a Cybersecurity Engineer to support the Intelligence, Surveillance, Reconnaissance, and Special Operations Forces (ISR & SOF) Directorate within AFLCMC. This is a full-time position located on-site at Wright-Patterson Air Force Base (AFB) in Dayton, Ohio.
Requirements
- Provide expert weapons system cybersecurity guidance and recommendations to acquisition authorities and Authorizing Official (AO) to develop secure, resilient systems.
- Translate and provide comprehensive NIST 800-53 requirements to ensure Systems Security Engineering (SSE) and solutions are incorporated into an integrated program protection scheme.
- Provide subject matter expertise to execute Risk Management Framework (RMF) to support Assessment & Authorization (A&A) of assigned systems including generating required artifacts (Interim Authority to Test [IATT], Authority to Connect [ATC], and Authority to Operate [ATO]).
- Execute risk reduction-based policies and procedures, and develop system specific comprehensive cybersecurity processes to include implementation of continuous monitoring.
- Document system architectures to support the cyber analysis, identification, selection, and tailoring of security and privacy controls necessary to protect the system.
- Provide expert level evaluation of designs and proposed implementation solutions to defend weapon systems and critical networks against malicious and non-malicious exploitation.
- Evaluate threat data and develop residual risk recommendations and mitigations to senior DoD and AF leadership based on identification and analysis of weapons vulnerabilities.
- Review and analyze interoperability requirements and shall review, develop and evaluate resultant specifications and internal and external Interface Control Documents (ICDs).
- Review and propose technical recommendations regarding critical technologies requiring Program Protection Plans (PPP), Anti-tamper (AT) plans, cyber findings, vulnerabilities, and risks.
- Ensure contractual documentation (such as Statements of Work and contract deliverable lists) incorporate cybersecurity requirements and conduct technical evaluations on vendors' proposals to ensure that cybersecurity requirements are properly addressed.
- Provide expert identification, documentation, and assessment of threats, cyber findings, vulnerabilities, attack scenarios, impacts if exploited, and likely timelines for exploitation.
- Provide stakeholders with on-time deliverables, RMF artifacts, cyber impact assessments, and approaches to meet growing ISR & SOF requirements.
Benefits
- Health insurance
- Retirement plan
- Paid time off
- Holiday pay
- Other benefits
