Cybersecurity Engineer (ISSO) Journeyman

Benefits

Additional Information

Torch Technologies Thank you for your interest in employment with Torch Technologies. We are a 100% employee-owned, Certified Great Place To Work and named Best Places to Work in Huntsville/Madison County, headquartered in Huntsville, AL. Our team provides superior research, development, and engineering services to the Federal Government and Department of War. As one of the nation's top 100 defense companies, the services we provide directly support the men and women who serve our country. Our corporate mission sums up the pride our employee-owners take in the work we do: "Lighting the Pathway of Freedom". And, as a Certified Evergreen ESOP, we have made the commitment to grow and sustain our company for the next 100 years! Come grow with us! Torch Technologies has an exciting opportunity for a Cybersecurity Engineer (ISSO) Journeyman located Kettering, OH (Dayton/WPAFB area). As part of the AFLCMC/GB Business and Enterprise Systems Directorate (BES), the Autodin InterSite Gateway (AISG) program is a cloud application providing AFMC designated essential system that provides a flexible communications medium to support inter-site communications throughout AFMC. AISG translates data from one format to another for the gaining system to process properly. The successful candidate will provide the PMO/Capability Development Manager (CDM) cybersecurity support per DoDI 8500.01. Support includes assessing and continuously monitoring cybersecurity risk ensuring that legacy and new capabilities adhere to enterprise standards such as Risk Management Framework (RMF), Cybersecurity Framework (CSF), and National Institute of Standards and Technology (NIST) and per Authorization Official's Information System's Continuous Monitoring (ISCM) strategy. As a Cybersecurity Engineer (ISSO) Journeyman your duties will include the following, but are not limited to: Provide the PMO/Capability Development Manager (CDM) cybersecurity support per DoWI 8500.01. Support includes assessing and continuously monitoring cybersecurity risk ensuring that legacy and new capabilities adhere to enterprise standards such as Risk Management Framework (RMF), Cybersecurity Framework (CSF), and National Institute of Standards and Technology (NIST) and per Authorization Official's Information System's Continuous Monitoring (ISCM) strategy. Responsible for ensuring the appropriate operational security posture is maintained for the assigned IT. Implements and enforce all AF cybersecurity policies, procedures, and countermeasures. Completes and maintains required cybersecurity certification IAW AFMAN 17-1303. Ensures all users have the requisite security clearances and need-to-know, complete annual cybersecurity training, and are aware of their responsibilities before being granted access to the IT according to AFMAN 17-1301. Maintains all authorized user access control documentation IAW the applicable AF Records Information Management System. Ensures software, hardware, and firmware complies with appropriate security configuration guidelines, e.g., security technical implementation guides/security requirement guides. Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Coordinate changes or modifications with the system-level ISSM, SCA, and/or the Wing Cybersecurity office. Initiates protective or corrective measures, in coordination with the ISSM, when a security incident or vulnerability is discovered. Reports security incidents or vulnerabilities to the system-level ISSM and wing cybersecurity office according to AFI 17-203. Initiates exceptions, deviations, or waivers to cybersecurity requirements. Job Requirements U.S. Citizenship Bachelor's or Master's Degree in a related field and 3 years of experience in the respective technical/professional discipline being performed, three of which must be in the DoW OR Seven years of directly related experience with proper certifications, five of which must be in the DoW. Must have the ability to problem solve and troubleshoot various situations to develop successful outcomes within established program/project guidelines. All Cybersecurity professionals should possess experience providing guidance on the following to include, but not limited to: Access control. Configuration management. System and communications protection. Contingency planning. Incident handling. System and information integrity. Security and privacy training and awareness; and, Software development, software and tools Experience performing cybersecurity duties as outlined in DoWI 8500.01, AFI 17-130, and AFI 17-1301 for assigned AF IT. Experience validating, evaluating and analyzing finding results and developer adjudications using automated testing tools, e.g., Fortify, Checkmarx, SonarQube, and AppScan. Experience utilizing DoD tracking systems to input/document cybersecurity deficiencies, vulnerabilities, and change requests in the app