Junior-Level System Cybersecurity Analyst/Engineer

Job Description

HII Mission Technologies Division’s Fighters and Advanced Aircraft and Bombers Team seeks a junior-level System Cybersecurity Analyst/Engineer. The System Cybersecurity Analyst/Engineer is part of a Cyber team tasked with performing system cybersecurity analysis and risk mitigation for new aircraft systems, aircraft system modifications, and aircraft support equipment for the United States Air Force. This individual will be responsible for following Risk Management Framework (RMF) Assessment and Authorization (A&A) processes for weapon systems that will generate unclassified and classified data. As part of this process, the applicant will develop, coordinate, and maintain all documentation required for A&A packages in achieving an Interim Approval to Test and an Authority to Operate as required by the acquisition program.

Location: Wright-Patterson Air Force Base, Dayton, OH (On-Site)

Essential Job Responsibilities

• Apply an understanding of DoD, Air Force and common engineering/scientific principles, processes and procedures to improve performance and sustainability of existing and future weapon systems.
• Develop and maintain Risk Management Framework documentation necessary to obtain Authorizations including but not limited to the System Security Plan (SSP), Architecture Analysis Report (AAR), Continuous Monitoring Plan, Security Control Traceability Matrix (SCTM), Security Assessment Report (SAR) and Risk Assessment Report (RAR).
• Lead development and manage coordination/approval of technical documentation for acquisition programs such as Information Support Plans, Cybersecurity Strategies, and Clinger-Cohen Act Compliance.
• Support system engineering and program management in conducting and reviewing milestone documentation including System Requirements Review (SRR), Preliminary Design Reviews (PDR), Critical Design Reviews (CDR) and Program Management Reviews (PMR).
• Perform information system security engineering tasks, ensuring that information security requirements are properly implemented throughout the processes of security architecture, design, development, configuration, and implementation.
• Develop, implement, and enforce information systems security policies ensuring system security requirements are addressed during all phases of the acquisition and Information System lifecycle.
• Review, analyze and validate system security designs within embedded avionics systems to validate security control and architecture implementations.
• Conduct Assessment & Authorization (A&A) tasks in accordance with the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policy; identify deficiencies and provide recommendations of risk mitigation to program management.
• Employ best practices when implementing security controls, including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
• Assist program managers, system engineers and cyber test engineers in conducting Mission Based Cyber Risk Assessments.
• Identify points of vulnerability, non-compliance with established cybersecurity standards and regulations, and recommend mitigation strategies.

Minimum Qualifications

• Bachelors in a Cybersecurity-related field plus 2 years of relevant experience; or a Masters in a Cybersecurity-related field
• Relevant experience is defined as performance of Cybersecurity-related activities on a Department of Defense system (Preferably a U.S. Air Force Aircraft System) or on a Communications, Navigation, or other aircraft system
• Secret-level security clearance minimum at the time of application with the ability to obtain a TS-level security clearance
• The candidate must be self-motivated, able to work in a team, willing to learn new concepts and processes, and able to take constructive criticism and adapt/learn from mistakes
• The candidate must be able to work independently and, in a team, to create quality products on time
• The candidate must be able to communicate clearly and effectively verbally and in writing
• The candidate must be proficient in the use of Microsoft Office products such as Outlook, Word, Excel, and PowerPoint

Preferred Requirements

• Cybersecurity-related certifications
  
  

Physical Requirements

Work will be in a typical office environment. Light lifting may be required.