Cybersecurity Engineer

McBride Consulting LLC has an exciting opportunity for a Cybersecurity Engineer providing support to the Command Control Communications and Battle Management Division (C3BM).

Command Control Communications and Battle Management (C3BM) has been tasked with delivering an integrated Department of the Air Force (DAF) Battle Network providing resilient decision advantage and enabling the USAF USSF Joint and Coalition Force to win against the pacing challenge. C3BM supports execution in many different focus areas. C3BMs main efforts are Architecture and Systems Engineering (ASE) Operational Response Team (ORT) and multiple mission integration teams such as Air Maritime and multiple acquisitions consisting of both the Advanced Battle Management System (ABMS) and Space.

This is a full-time position located at Hanscom Air Force Base in Bedford Massachusetts.

Responsibilities:

Duties include but not limited to:

• Identify and evaluate opportunities to apply innovative and emerging technologies automate processes continually improve the conduct and efficiency of audit activities and enterprise audit compliance of systems and infrastructure and identify metrics for monitoring improvements. Develop/update and maintain system-specific audit review dashboards and reporting mechanisms to show compliance across enterprise. Review data and prepare ACAS reports for SPO Leadership to include pre/post VVA reports GCCS-J STRATCOM reports etc. Generate Third Party Applications/Systems vulnerability reports and provide to team for resolution with COTs/GOTs owners.
  

  
  

  Assist with creation of ACAS TTPs SOPs and capture of lessons learned to improve performance efficiency and effectiveness of Cybersecurity personnel using the ACAS for the AOC WS Enterprise.
  

  
  

  Daily center reporting verifying security compliance with IAVAs and DISA STIGS. Daily central server maintenance - check logs syncs job queues CSU dashboards validate scans are credentialed and ACAS scanners and Security Center are operational and reporting properly for AOC sites.
  

  
  

  Gathering and reporting of AOC WS Software and Hardware information for EDS/CM team on a monthly or when requested.
  

  
  

  Ensure AOC WS 10.1 baseline aligns with OPORDS and Cyber Tasking Orders. Review ARE/FT ACAS documentation and redline as necessary. Support the research and analysis of DoD and AF policies and tasking orders to mitigate implementation problems that may impact the AOC WS 10.1 ACAS implementation.
  

  
  

  • Provide subject matter expertise (SME) on ACAS (Assured Compliance Assessment Solution) systems and related processes.
    
  • Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations visions and goals.
    
  • Assist in the design implementation configuration and maintenance of ACAS tools and applications for the KR enterprise.
    
  • Standardize ACAS reporting and provide oversight to internal and external leadership 20 sites (CONUS and OCONUS) and ACAS cyber team members.
    
  • Review and approve reports and metrics related to ACAS scans and vulnerability management efforts before released to KR leadership.
    
  • Analyze security vulnerabilities identified by ACAS scans and provide oversite and recommendations for remediation.
    
  • Collaborate with ACAS teams to ensure proper integration and utilization of ACAS tools within KR.
    
  • Stay updated on industry best practices and emerging trends related to ACAS and cybersecurity.
    
  • Support training efforts for staff members on the use of ACAS tools and interpretation of scan results for KR.
    
  • Develop scripting to work with the ACAS applications to reduce manual assessment of compliance reporting.
    
  • Update and maintain the KR ACAS (Nessus scanners and Security Centers) system at Hanscom AFB including planning delivery installation security hardening configuration integration and testing.
    
  • Administering Red Hat Enterprise Linux including:
    
  • Building patching and configuring RHEL systems (RHEL 7/8) to meet STIG requirements.
    
  • Configuring DNS NTP and network settings to support ACAS installation.
    
  • Performing backups and restores of system OS and installed software.
    
  • Provide SME level support to define analyze implement secure test and deploy new requirements and enhancements for network monitoring vulnerability identification remediation and security compliance IAW current OPORDS.
    
  • Assist with automation and implementation of periodic vulnerability reporting from ACAS to internal and external KR organizations.
    
  • Review of discovery scan results to identify systems not being vulnerability scanned and automated reporting.
    
  • Review of vulnerability scan results to identify troubleshoot and resolve credential and other common scan issues and automated reporting.
    
  • Review and compilation of scan results to support asset inventory requirements and automation.
    
  • Assessment of scan results to identify areas where vulnerability remediation has the greatest impact on risk and automated reporting.
    
  • Configuration of ACAS components to align with DISA Best Practice Guidance.
    
  • Troubleshooting and resolution of communication issues between ACAS software components failed plugin updates and other common software issues with the Hansom ACAS Servers.
    

Requirements

Qualifications:

Citizenship: Must be a US citizen

Minimum Required Qualifications

Clearance: Must have and be able to maintain an Active Secret clearance

Preferred Qualifications

Education: Bachelors degree in a professional engineering discipline and at least 7 years of experience in the respective technical/professional discipline 3 of which must be in the DoD.

Certifications: Security

Benefits