Requisition Number: NC3SE01584
Apogee Engineering is seeking an experienced Senior Cybersecurity Engineer to be located at Hanscom Air Force Base in Bedford, MA. This position supports the Air Force Nuclear Weapons Center (AFNWC) Nuclear Command, Control, and Communications (NC3) Integration Directorate. The ideal candidate should have cybersecurity engineering experience along with having a solid understanding of the Risk Management Framework (RMF).
Why work with us?
Apogee Engineering, LLC is a growing provider of technical expertise across an array of Defense and National Security customers. Apogee’s culture is infused with integrity and a passion for excellence, which has propelled Apogee into the ranks of an elite small business company, known for unwavering dedication to their client's success, a warm and family-like work environment, and an enthusiasm to providing the right solution at the right time.
What you'll be doing:
- Providing system/application deliverables that are compliant with DoD and Air Force cybersecurity policy, specifically DoDI 8500.01, Cybersecurity; AFI 17-130, Air Force Cybersecurity Program Management; Public Law 111- 383; and DISA Application Security Development Security Technical Implementation Guide (STIG), which includes the need for source code scanning to mitigate vulnerabilities associated with SQL injections, cross- site scripting and buffer overflows
- Providing compliance with DoD and Air Force Certification and Accreditation policies, specifically Department of Defense Instruction (DoDI) 8510.01, Risk Management Framework (RMF) for DoD Information Technology, and AFI 17-101, The Risk Management Framework (RMF) for Air Force Information Technology, to ensure cybersecurity policy is implemented correctly on all systems
- Providing technical expertise to ensure the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools
- Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of RMF A&A activities, tasks, and resulting artifacts
- Recommending policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data.
- Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs
- Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations’ visions and goals
- Conducting systems security evaluations, audits, and reviews and implementing corrective actions.
- Recommending systems security contingency plans and disaster recovery procedures
- Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures
- Participating in network/systems design to ensure implementation of systems security policies
- Facilitating gathering, analysis, and preservation of evidence used to prosecute computer crimes
What you will need to have:
- Possess and maintain DoD 8570.01-M Information Assurance Technical (IAT) Level III certification
- Possess strong understanding and experience with DoDI 8510.01 and AFI 17-101
- Possess one of the following education/experience mixes:
- Master’s Degree plus 10 years of relevant cybersecurity engineering experience (preferred)
- Bachelor’s Degree plus 18 years of relevant cybersecurity engineering experience
- 22 years of relevant cybersecurity engineering experience
- Possess a Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI) eligibility
- Ability to perform all functional duties independently