Principal Cybersecurity Engineer

Torch Technologies

Thank you for your interest in employment with Torch Technologies. We are a 100% employee-owned Certified Great Place To Work and named Best Places to Work in Huntsville/Madison County headquartered in Huntsville AL. Our team provides superior research development and engineering services to the Federal Government and Department of War. As one of the nations top 100 defense companies the services we provide directly support the men and women who serve our country. Our corporate mission sums up the pride our employee-owners take in the work we do: Lighting the Pathway of Freedom. And as a Certified Evergreen ESOP we have made the commitment to grow and sustain our company for the next 100 years! Come grow with us!

Torch Technologies has an exciting opportunity for aPrincipal Cybersecurity Engineerproviding support to the Air Force Life Cycle Management Center (AFLCMC/HBD) Theater Battle Control Division at Hanscom AFB MA. The Theater Battle Control Division manages efforts focused on developing acquiring fielding and sustaining programs that support worldwide communications Battle Management Command & Control Intelligence Surveillance & Reconnaissance (C2ISR) Tactical Air Control Air/Ground Surveillance Time Critical Targeting Combat Identification Radar Imagery Integrated Air/Missile Defense and Mobile/Fixed C2ISR Performance Exploitation & Dissemination Facilities.

As a Principal Cybersecurity Engineer your duties may include but are not limited to:

• Assist with development of System Security Management Plans Program Protection Plans Security Risk Analyses OPSEC Plans Computer Certification and Accreditation Security Vulnerability and Countermeasures Analyses Security Concepts of Operations and other system security engineering-related documents identified in MIL-STD 1785 DoWI 5000.02 Operation of the Adaptive Acquisition Framework and DoWI 8510.01

• Support the system/application Authorization and Accreditation (A&A) effort to include assessing and guiding the quality and completeness of A&A activities tasks and resulting artifacts mandated by governing DoW and Air Force policies (i.e. Risk Management Framework (RMF)

• Update monitor and manage information in systems for the program office

• Process and manage system user account requests and process tools

• Process and manage system port/protocol and access control list requirements.

• Processandmanag system Public Key Infrastructure(PKI)identification and authorization requirements

• Manage the distribution implementation remediation and tracking of system security updates and configurations as required by the DoW

• Recommendpolicies and proceduretoensure information systems reliabilityand accessibility to prevent and defend against unauthorized access to systems networks and data

• Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities risk and protection needs

• Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations vision and goals

• Conduct systems security evaluations audits and reviews

• Recommend systems security contingency plans and disaster recovery procedures

• Recommend and implementing programs to ensure that systems network and data users are aware of understand and adhere to systems security policies and procedures

• Participate in network and systems design to ensure implementation of appropriate systems security policies

• Recommend initial or updates to software and configurations to new or existing system security mechanisms

• Obtain waivers to mandated security mechanisms/policies which would be detrimental to system performance and impact the systems mission

• Facilitate the gathering analysis and preservation of evidence used in the prosecution of computer

• Provide leadership assistance in the analysis of the design development integration implementation and testing of cybersecurity requirements

• Develop risk-based strategies to address identified gaps

• Reviewanalyze and assess implementationsofcybersecurity (i.e RMF security controls) throughout the open systems architecture and associated services derived requirements specifications design documents & design implementation

• Collaborate with stakeholders (Government and commercial) to ensure the system is approved by all Authorizing Officials via the RMF A&A process

• Provide technical advice in the area of systems security across all systems and supports

• Develop recommendations for the Government regarding how well designs satisfy current requirements and business goals

• Maintain databases that reflect receipt storage inventory and disposition of classified information to include data entry updates and generation of reports

• Support Government program office in audits of Government classified holdings to ensure proper accountability

• Maintain databases of classified visits and clearance levels

• Perform inspection inventory logging storage documentation transmittal and internal distribution of classified information received

• Evaluate Contractor classified data submittals for compliance with the appropriate System Security Classification Guide (SSCG)

• Provide security inspection and protection to areas where classified information is being stored and develop and establish security procedures and policies IAW DOW USAF AFMC and local directives

• Develop training and provide security awareness and other security education programs

• Review and verify personnel qualifications for access to special access programs

• Develop implement and maintain a communications security program

• Assess program disclosure issues and provide FMS case management support

• Assist and advise FMS program office management and leadership in interfacing with FMS customers and all USG organizations including but not limited to SAF/IA Air Force Security Assistance Center (AFSAC) Air Force Security Assistance Training (AFSAT) squadron Defense Finance and Accounting Services (DFAS)

• Support execution of all aspects of acquisition program security throughout a programs lifecycle

• Assist with development of sound security practices and policies regarding acquisition physical personnel and documentation security

• Update security classification guides

• Prepare acquisition security related sections of acquisition program documentation

• Review Contractor deliverables to ensure compliance with CDRLs

• Plan and implement security-related surveys assessments and studies

• Evaluate program security information and hardware throughout the program life cycle to include studies analyses plans procedures production test plans/results transportation technology and storage of end items

• Provide security support to source selections

Required Qualifications:

• U.S. Citizenship

• BS/BA Degree and 15 years of experience in the respective technical/professional discipline being performed 10 of which must be in the DoW

• Risk Management Framework (RMF) with emphasis on taking projects from Step 1 to Step 5

• Vulnerability Management Tenable Nessus (ACAS-DoW version of Nessus)

• STIGs

• CISSP Certification

• Must have and maintain a Top-Secret clearance.

Preferred Qualifications:

• Experience with Cross Domain Solutions and USAF CDS-E

• Cloud Service Models

• Supply Chain Security

• NIAP

• DoW Policies for Procedures for Cybersecurity

• Network Security

• Endpoint

• DoW Impact Levels

• NSA Type 1 encryption

• Working with a CSSP - 16th AF

Schedule:(M-F; 8-5)

Work Location: (onsite hybrid remote)

Travel:(yes 10-20%; no)

Relocation Assistance Available: (Yes No)

Position Contingent Upon Award of Contract: (Yes No)

Salary Range (only if required**): $160000 - $180000

The salary range information is a general guideline only. Several factors can influence the salary for a position including but not limited to Federal Government contract labor categories and contract wage rates geographic location business considerations scope and responsibilities of the position local or other applicable market conditions and internal equity. Other factors include the candidates qualifications such as relevant prior work experience specific skills and competencies education/training and certifications.

#LI-EW1

Benefits:

Torch Technologies is proud to offer a stable and professional work environment a competitive salary and an excellent comprehensive benefit package including: ESOP participation 401(k) match and safe-harbor contribution medical dental vision life insurance short-term disability long-term disability flexible spending accounts Health Saving Accounts and Health Reimbursement Accounts EAP education assistance paid time off and holidays.

Applying to Torch Technologies:

Only those candidates invited for an interview will be contacted. Employment at Torch Technologies is contingent upon the successful completion of a comprehensive background check.

All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin age genetic information citizenship ancestry marital status protected veteran status disability status or any other status protected by federal state or local law. Torch Technologies Inc. participates in E-Verify.

If you are a qualified individual with a disability or a disabled veteran you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access Careers Link as a result of your disability. You can request reasonable accommodations by sending an email to Thank you for your interest in Torch Technologies.