What are the responsibilities and job description for the Cybersecurity Engineer (ISSM) position at Crossflow Technologies?
Job Title: Cybersecurity Engineer (ISSM)
Location: Kettering, Ohio
Crossflow Technologies, INC. has an exciting opportunity for a Cybersecurity Engineer (ISSM) located Kettering, OH (Dayton/WPAFB area) to support our EPASS GB contract. As part of the AFLCMC/GB Business and Enterprise Systems Directorate (BES), the Foundation Logistics Information Technology Enterprise System (FLITES) is a new system within the AF to manage Item Master data. The FLITES will provide comprehensive Item Catalog and Provisioning functions for the Logistics business systems, and will replace the Item Management Control System (IMCS) suite of legacy systems, at a minimum. FLITES will be the central repository for the Item core business objects, providing standardization of Item cataloging processes, structure, attributes, propagation, and standardized views for all applicable Item types. Additionally, FLITES will receive product structure input from an engineering Product Lifecycle Management (PLM) type system. Foundational Logistics Information Technology Enterprise System (FLITES) is the Item data as a core underlying need for each Capability Initiative (CI), and as such will integrate with many logistics enterprise systems. The Air Force wants to rapidly modernize its enterprise logistics systems, most of which require Item data. The new FLITES will provide essential functionality of the legacy IMCS more efficiently and effectively in addition to implementing new functionality as described below. Without this support to the Program Management Office (PMO) under GBS, the Government would not be able to complete the required documentation, reporting, and program management support required for a Business Acquisition Category (BCAT) II program. This system will have high visibility following the 5000.75 process.
ESSENTIAL DUTIES/POSITION DESCRIPTION:
The successful candidate will provide the PMO/Capability Development Manager (CDM) cybersecurity support per DoDI 8500.01. Support includes assessing and continuously monitoring cybersecurity risk ensuring that legacy and new capabilities adhere to enterprise standards such as Risk Management Framework (RMF), Cybersecurity Framework (CSF), and National Institute of Standards and Technology (NIST) and per Authorization Official's Information System's Continuous Monitoring (ISCM) strategy.
The ISSM is the primary cybersecurity technical advisor to the AO, PM, and ISO. The ISSM ensures the integration of cybersecurity into, and throughout, the lifecycle of the IT, on behalf of the AO and in accordance with DoDI 8510.01 for the following:
• Completes and maintains required cybersecurity certification IAW AFMAN 17-1303;
Ensures all AF IT cybersecurity-related documentation is current and accessible to properly authorized individuals;
• Supports the PM or ISO in maintaining current authorization to operate, approval to connect (if required), and implementing corrective actions identified in the plan of actions and milestones;
• Coordinates, with the PM and AO staffs, development of an ISCM strategy and monitors any proposed or actual changes to the system and its environment;
• Continuously monitors the IT and environment for security-relevant events;
• Assesses proposed configuration changes for potential impact to the cybersecurity posture;
• Assesses the quality of security controls implementation against performance indicators;
• Ensures cybersecurity-related events or configuration changes that impact AF IT authorization or adversely impact the security posture are formally reported to the AO and other affected parties, such as IOs, stewards, and AOs of interconnected IT;
• Ensures all ISSOs and privileged users receive necessary technical training and obtain cybersecurity certification IAW AFMAN 17-1301, Computer Security (COMPUSEC), AFMAN 17-1303, and maintain proper clearances IAW DoDI 8500.01; and,
• Ensures the AF IT is acquired, documented, operated, used, maintained, and disposed of properly IAW DoDI 5000.02 and DoDI 8510.01.
JOB REQUIREMENTS/QUALIFICATIONS:
Must be a U.S. Citizen
Must have an active Secret clearance and must be able to maintain the required level.
The Information Systems Security Manager (ISSM) has the knowledge, experience and recognized ability to be considered highly skilled in their technical/professional field. Possesses the ability to perform tasks independently and oversee the efforts of junior and journeyman contractor personnel within the technical/professional discipline. Demonstrates advanced knowledge of their technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures and practices in their area of expertise (Program Office, Enterprise and Staff Level Support interface).
All Cybersecurity professionals should possess experience providing guidance on the following to include, but not limited to:
• Access control.
• Configuration management.
• System and communications protection.
• Contingency planning.
• Incident handling.
• System and information integrity.
• Security and privacy training and awareness; and,
• Software development activities, software and tools related to Cybersecurity.
Experience performing cybersecurity duties as outlined in DoDI 8500.01, AFI 17-130, and AFI 17-1301 for assigned AF IT.
Experience validating, evaluating and analyzing finding results and developer adjudications using automated testing tools, e.g., Fortify, Checkmarx, SonarQube, and AppScan.
Experience utilizing DoD tracking systems to input/document cybersecurity deficiencies, vulnerabilities, and change requests in the appropriate tracking system for each program, e.g., Jira, HP ALM, and eMASS.
Experience with conducting information security continuous monitoring (ISCM) by maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions IAW approved ISCM strategy.
EDUCATION:
Master's or Doctorate Degree in a related field and ten years of experience in the respective technical/professional discipline being performed, five years of which must be in the DoD
OR, Bachelor's Degree in a related field and 12 years of experience in the respective technical/professional discipline being performed, five of which must be in the DoD
OR, 15 years of directly related experience with proper certifications as described in the PWS labor category performance requirements, eight of which must be in the DoD.
CERTIFICATION REQUIREMENTS:
At a minimum, the successful candidate will meet the requirements for and maintain an IAM Level III Cybersecurity certification by possessing at least one of the following certifications as directed by DoD 8140 and outlined in DoD 8570.01 -M, Appendix3, Table 2,2 AFMAN 17-1303:
• ISACA CISM
• (ISC)2 CISSP
• GIAC GSLC
• EC Council CCISO
Additional Desired Certifications:
• Certified SCRUM Master
• Other Agile Certifications
The following skills are highly desirable but not required for this position:
• Working knowledge of the Agile Development methodology
• Experience using any, or all, of the following tools (Desired):
o CheckMarx
o SonarQube
o Jira
o Confluence
o Mavin
o Jenkins
o Bitbucket
U.S. Citizenship Required for this Position: Yes
Job Type: Full time
Security Clearance: Tier 3/Secret
Schedule: At customer's discretion
Work Location: Kettering, OH
Travel: 0-12
Relocation Assistance Available:No
Position Contingent Upon Award of Contract: No
|
Equal Opportunity/Affirmative Action Employer: Crossflow ensures that employment decisions and personnel actions are administered fairly, equitably, and in compliance with the federal, state, and local laws and regulations governing EEO and personnel management. All qualified individuals will receive consideration for employment opportunities without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Why Crossflow? Crossflow Technologies is proud to offer such wonderful benefits and perks to our employees; however, we feel the biggest perk is our company culture. We harbor a culture that extends down to the individual level by hiring people who understand and embrace our company values. Values like fervently protecting work-life balance and celebrating the achievements of others. To help guide and shape this environment, we strive to solicit feedback as frequently as possible through direct conversations and anonymous input. We take great pride in the fact that we've won the Best Places to Work award for the past four years - particularly when paired with having made the Inc. 5000 list for growth the same four years. To us, this demonstrates our ability to effectively scale our culture showing that Crossflow has been and continues to be, a place that people want to be. |
Benefit-Eligible Employee Perks:
EXCEPTIONAL HEALTH, DENTAL, AND VISION COVERAGE
Crossflow is pleased to offer employees with exceptional single and family options for health, dental, and vision coverage. Payments are taken from the first two paychecks of each month. At a glance,
• Health coverage choices (including an HSA) ranging from $0.00 to $146.40;
• Dental coverage ranges from $4.00 to $15.00; and
• Vision coverage ranges from $4.33 to $11.41.
CROSSFLOW KUDOS SPOT BONUS PROGRAM
We created a unique performance bonus program called Crossflow Kudos. Throughout the year, employees are nominated by other employees, company leads, and even individuals outside of Crossflow to receive additional compensation and personal recognition for their positive work. There are six broad categories in which employees can earn Kudos awards.
401(k) RETIREMENT PLAN & COMPANY MATCHING
Crossflow uses Principal as our 401(k) plan sponsor. Employees can choose payroll deduction and fund investing options. Payroll deductions will begin the month following your enrollment. Crossflow matches 100% of the first 3% of compensation, plus 50% of the next 2% of compensation.
HIGHER EDUCATION ASSISTANCE PROGRAM
Crossflow offers education assistance to benefit-eligible employees for degree programs at their director's discretion. Crossflow feels that a well-rounded education, even outside of an employee's current role, can enhance an employee's skillset and increase the company's value.
GENEROUS PTO ACCRUAL & FLEXIBLE LEAVE POLICY
Crossflow currently grants 11 federally observed paid holidays. In addition to these holidays, Crossflow offers a minimum of 2 weeks of paid time off (PTO) to all full-time employees. Employees may utilize PTO for any reason (sickness, vacation, personal day, etc.) and can carry over a maximum of 120 hours from year to year. Many employees are authorized to work additional hours within a normal, forty-hour pay period. This approval is included in the employee's offer letter for employment. These extra hours may be banked for compensatory (comp) time off.
PAID PARENTAL & BEREAVEMENT LEAVE
To help our employees be present with family during major life events, Crossflow provides additional PTO. We offer varying types of paid Parental Leave to aid birthing, non-birthing, and adoptive parents transition into parenthood. Crossflow also recognizes the importance of supporting employees who endure a death in their family by providing up to 5 days of paid Bereavement Leave a year.
PROFESSIONAL DEVELOPMENT FUNDING
We support employees who seek out personal or professional growth opportunities through a myriad of enabling programs to further equip themselves. Professional Development includes, but is not limited to, training courses, certificate programs, memberships to industry groups, and materials.
EMPLOYEE DRIVEN COMMUNITY ENGAGEMENT
We create as many opportunities as possible for employees to meet and build community. We offer monthly team bonding activities, allowing team members to assemble on a different level than at work. In addition to these gatherings, in 2021 we established Crossflow Cares, an employee-owned and operated charitable organization focused on awarding grants and providing volunteers to local non-profits. Furthermore, Crossflow Technologies is committed to serving the public by investing a large portion of our net income in the greater Huntsville/Madison County area.
MENTORSHIP PROGRAM & MORALE LUNCHES
The most successful people in the world always have a terrific team behind them, and Crossflow chooses to be the team behind the people, cheering our employees on to meaningful successes. Our Mentorship Program involves strategically pairing a protégé with a mentor who understands an employee's career aspirations and provides coaching towards that goal. A less structured version of this is our Morale Lunch program. We committed a portion of our budget to support our leads to meet with their team members over lunch and facilitate quality catch up sessions. The morale lunches have become a great tool for maintaining open communication and gaining insightful feedback.
Salary : $4 - $15
