Cybersecurity SME

• Respnsible for the maintenance and support of DoD and Air Force computing systems and networks (both unclassified and classified).
• This position will require the individual to obtain/maintain classified systems administrative privileges for SIPRNet and other systems.
• The individual shall perform system trusted downloads, burning classified Compact Discs (CDs), maintain and update host system.
• Have knowledge of the Systems Security Engineering disciplines to include Anti-Tamper, Trusted Systems & Networks, Cybersecurity, Hardware/Software/Firmware Assurance, Supply Chain Risk Management, Acquisition Security, Cyber Resiliency, and Information Protection.
• Support the Systems Engineer with program engineering milestone reviews, test planning, and certification and accreditation packages.
• Assist the Information Systems Security Manager (ISSM) and provide multi-discipline expertise covering project management, system security engineering, system administration, and network administration.
• Provide direct support to assure compliance to the most current revision of the Security Directives applicable to Platform Information Technology (PIT), PITI and non-PIT systems being supported. These include DoDI 8500.01, Cybersecurity, DoDI 8510.01, RMF for DoD IT, JSIG, NIST 800-53, and directives/guidance identified in DoDI 5000.02.
• Provide cybersecurity support to assigned systems and shall assist in developing, modifying, reviewing, or coordinating items that include, but are not limited to: PIT determination package, cybersecurity strategy (formerly IAS), System Security Plan (SSP), system controls traceability matrix, risk assessment report, plan of action and milestones, security assessment plan, artifacts for program review and RFP.
• Provide RMF expertise and support for PIT products or other non-traditional products which may be evaluated or implemented under the provisions of DoDI 5000.02, AF 17-series directives, AFI 61-101 or AFGM 2018-63-146-01 to include review required program office artifacts and make recommendations to support cybersecurity RMF analysis.
• Assist in evaluating the technical implementation of the security design to ascertain that security software, hardware and firmware features affecting confidentiality, integrity, availability, accountability, and non-repudiation have been implemented as documented in the Director of Central Intelligence Directive (DCID) 6/3, JSIG, DoDI 8500.01, DoDI 8510.01, and NIST 800-53, and that the features perform properly. Assist in documenting and reporting IV&V test plans, results, anomaly reports, recommendations, activity reports and other special reports as required.
• Assist in performing cybersecurity site audits to verify architecture analysis, cybersecurity requirements and controls, verify mitigation actions, witness cybersecurity testing and evaluation, and to support final approval for Interim Authority to Test (IATT), Interim Authority To Operate (IATO), Authority To Operate (ATO), and/or Authority To Connect (ATC).
• Assist in identifying the Software Assurance (SWA) pedigree (including platform software) and QA issues and documenting the results.
• Assist the Government in conducting Supply Chain Risk Management (SCRM).
• Assist in developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents including but not limited to the acquisition strategy, SEP, PPP, and SSP

Disclaimer "The responsibilities and duties outlined in this job description are intended to describe the general nature and level of work performed by employees within this role. However, they are not exhaustive and may be subject to change or modification at any time to meet the evolving needs of the organization

• Advanced Degree (Master of Arts (MA) / Master of Science (MS)) and twelve (15) years of experience in the respective technical / professional discipline being performed, five (5) years of which must be in the DoD
• OR, BA/BS degree, and fifteen (18) years of experience in the respective technical/professional discipline being performed, five (5) of which must be in the DoD
• OR, twenty (24) years of dire
• SME subject matter expertise for rapid acquisition activities including rapid prototyping and fielding conducted under AFGM 2018-63-146-01 Rapid Acquisition Activities or subsequent publication.
• Proficiency with Windows Operating Systems (OS), Windows group policy objects, DoD Cybersecurity, National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), Endpoint Security System (SS)/Host-based Security System (HBS) and DoD Public Key Infrastructure (PKI).
• Understanding of Security Directives applicable to Platform Information Technology (PIT), PITI and non-PIT systems being supported. These include DoDI 8500.01, Cybersecurity, DoDI 8510.01, RMF for DoD IT, JSIG, NIST 800-53, and directives/guidance identified in DoDI 5000.02.
• Developing and manage PIT determination packages, to include cybersecurity strategy (formerly IAS), System Security Plan (SSP), systectly related experience with proper certifications as described in the Functionally Aligned Job Descriptions, eight (8) of which must be in the DoD.
• U.S. Citizenship required; Ability to obtain and maintain a Secret DOD Secret Security Clearance
• Minimum of 10 years of Cybersecurity Experience, with 5 of that in the US Department of Defense (DoD)
• SME subject matter expertise for rapid acquisition activities including rapid prototyping and fielding conducted under AFGM 2018-63-146-01 Rapid Acquisition Activities or subsequent publication.
• Proficiency with Windows Operating Systems (OS), Windows group policy objects, DoD Cybersecurity, National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), Endpoint Security System (SS)/Host-based Security System (HBS) and DoD Public Key Infrastructure (PKI).
• Understanding of Security Directives applicable to Platform Information Technology (PIT), PITI and non-PIT systems being supported. These include DoDI 8500.01, Cybersecurity, DoDI 8510.01, RMF for DoD IT, JSIG, NIST 800-53, and directives/guidance identified in DoDI 5000.02.
• Developing and manage PIT determination packages, to include cybersecurity strategy (formerly IAS), System Security Plan (SSP), system controls traceability matrix, risk assessment report, plan of action and milestones, security assessment plan, artifacts for program review and RFP.
• Managing, planning, documenting, and conducting Independent Verification and Validation (IV&V) of security requirements for weapon systems.
• Identifying the Software Assurance (SWA) pedigree (including platform software) and QA issues and documenting the result
• Conducting agement of Science and Technology.
• Provide capaSupply Chain Risk Management (SCRM). Developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents including but not limited to the acquisition strategy, SEP, PPP, and SSP.
• Provide subject matter expertise as needed to the directorate's capability development planning activities conducted under AFI 61-101, Manbility development planning and rapid acquisition activities, provide technical assistance, expertise and support for technical solutions which involve products not normally found in the DoD weapon systems acquisition programs such as COTS products, commercial items, and non-developmental items as defined in FAR Parts 2 and 12, or technologies developed by non-traditional contractors.
• Already possess or willing to obtain within 6 months of hire: Appropriate baseline DoD 8570 certification and continuing education for their assigned position category or specialty and level.
• Possesses the advanced knowledge, experience, and recognized ability to be considered an expert in the technical/professional field, possess the ability to perform tasks and oversee the efforts of junior and journeyman personnel within the technical/professional discipline
• Will demonstrate advanced knowledge of technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures, and practices in their area of expertise

US Citizenship required; Active Secret Clearance with the ability to obtain and maintain DoD TS/SCI clearance after start date

Preferred Qualifications

• Active DoD 8570 certification
• Active TS/SCI clearance