DoD Cybersecurity Lead

Job Family:

Travel Required:

Clearance Required:

What You Will Do:

This position is for a DoD Cybersecurity Lead supporting the Air Force Life Cycle Management Center. Overall duties include applying knowledge and experience in Systems Security Engineering (SSE) disciplines to include: AntiTamper Trusted Systems & Networks Cybersecurity Hardware/Software/Firmware Assurance Supply Chain Risk Management Acquisition Security Cyber Resiliency Information Protection Critical Program Information (CPI) Identification Critical Component Identification Threat and Vulnerability Analysis Test & Evaluation and Risk Identification and Management.

Responsible for the maintenance and support of DoD and Air Force computing systems and networks (both unclassified and classified). This position will require the individual to obtain/maintain classified systems administrative privileges for SIPRNet and other systems. Perform system trusted downloads burning classified Compact Discs (CDs) maintain and update host system patches implement mandated system vulnerability mitigations and set up user accesses and accounts. Personnel shall demonstrate proficiency in currently utilized Windows Operating Systems (OS) Windows group policy objects DoD Cybersecurity National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) Security Technical Implementation Guides (STIGs) Endpoint Security System (SS)/Hostbased Security System (HBS) and DoD Public Key Infrastructure (PKI).

Assist the Information Systems Security Manager (ISSM) and provide multidiscipline expertise covering project management system security engineering system administration and network administration.

Provide direct support to assure compliance to the most current revision of the Security Directives applicable to Platform Information Technology (PIT) PITI and nonPIT systems being supported. These include DoDI 8500.01 Cybersecurity DoDI 8510.01 RMF for DoD IT JSIG NIST 80053 and directives/guidance identified in DoDI 5000.02.

Provide cybersecurity support to assigned systems and shall assist in developing modifying reviewing or coordinating items that include but are not limited to: PIT determination package cybersecurity strategy (formerly IAS) System Security Plan (SSP) system controls traceability matrix risk assessment report plan of action and milestones security assessment plan artifacts for program review and RFP. Assist in executing the cybersecurity RMF to support Assessment and Authorization (A&A) of assigned systems.

Review required program office artifacts and make recommendations to support cybersecurity RMF analysis. Review and assist in coordinating approval for sanitization and declassification plans and/or procedures. Assist in performing vulnerability threat and risk assessments and security impact assessments on assigned systems modifications and interconnections. Assist in developing anA&A report and an A&A presentation for each required system to support approval decisions.

Assist in managing planning documenting and conducting Independent Verification and Validation (IV&V) of security requirements for weapon systems. Assist in evaluating the technical implementation of the security design to ascertain that security software hardware and firmware features affecting confidentiality integrity availability accountability and nonrepudiation have been implemented as documented in the Director of Central Intelligence Directive (DCID) 6/3 JSIG DoDI 8500.01 DoDI 8510.01 and NIST 80053 and that the features perform properly. Assist in documenting and reporting IV&V test plans results anomaly reports recommendations activity reports and other special reports as required.

Assist in performing cybersecurity site audits to verify architecture analysis cybersecurity requirements and controls verify mitigation actions witness cybersecurity testing and evaluation and to support final approval for Interim Authority to Test (IATT) Interim Authority To Operate (IATO) Authority To Operate (ATO) and/or Authority To Connect (ATC). Assist in documenting and reporting cybersecurity site audit findings and recommendations to the program office and/or Security Certification Authority (CA).

Assist in identifying the Software Assurance (SWA) pedigree (including platform software) and QA issues and documenting the results. Assist in performing software security analyses to assess the vulnerabilities and risks. The results should be documented and reported to the PM and the Security CA. Assist with developing an approach for performing operational SWA sensitivity analysis. Assist with developing SWA test metrics for inputs to the TEMP.

Provide technical assistance and support to perform the cybersecurity strategy tasks required by DoD and AF acquisition cyber science and technology test or other directives.

Perform RMFrelated activities including the development coordination revision and publication of RMFrequired documents. Provide subject matter expertise as needed to the directorates capability development planning activities conducted under AFI 61101 Management of Science and Technology.

What You Will Need:

• An ACTIVE and MAINTAINED SECRET federal security clearance with the ability to obtain a TOP SECRET/SCI

• Bachelors Degree

• EIGHT 8 or more years of relevant Cyber Security experience

• Possess a Certified Information Systems Security Professional (CISSP) certification

• A strong knowledge understanding DoD Cyber Security policies and procedures

• Experience applying cyber security within the DoD and USAF weapon systems

What Would Be Nice to Have:

• An ACTIVE and MAINTAINED TOP SECRET/SCI federal security clearance

• Understanding of the DoD and USAF acquisition organizations

• Experience working with Microsoft Excel Word PowerPoint SharePoint and Project

• Knowledge of Aircraft Avionics

What We Offer:

Guidehouse offers a comprehensive total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical Rx Dental & Vision Insurance

• Personal and Family Sick Time & Company Paid Holidays

• Position may be eligible for a discretionary variable incentive bonus

• Parental Leave and Adoption Assistance

• 401(k) Retirement Plan

• Basic Life & Supplemental Life

• Health Savings Account Dental/Vision & Dependent Care Flexible Spending Accounts

• ShortTerm & LongTerm Disability

• Student Loan PayDown

• Tuition Reimbursement Personal Development & Learning Opportunities

• Skills Development & Certifications

• Employee Referral Program

• Corporate Sponsored Events & Community Outreach

• Emergency BackUp Childcare Program

• Mobility Stipend

About Guidehouse

Guidehouse is an Equal Opportunity EmployerProtected Veterans Individuals with Disabilities or any other basis protected by law ordinance or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities or to apply for a position and you require an accommodation please contact Guidehouse Recruiting ator via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse or . Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.

If any person or organization demands money related to a job opportunity with Guidehouse please report the matter to Guidehouses Ethics Hotline. If you want to check the validity of correspondence you have received please contact . Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicants dealings with unauthorized third parties.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.