Abacus Technology is seeking a Cyber Security Engineer to provide security support for Shaw AFB. This is a full-time position.
Support management, administration and implementation of 609 ACOMS and 609 EACOMS cybersecurity programs to ensure confidentiality, availability, and integrity Enterprise and AOC networks, systems and information. Serve as the information security subject matter expert, and implement processes and controls in support of cybersecurity programs to ensure compliance with AFI 17-130, Cybersecurity Program Management, and other governing DoD, USAF and USAFCENT directives and policy. Plan, implement, upgrade and monitor security measures for the protection of communications and IT systems and information. Draft, review and coordinate local IA policies, procedures and operating instructions, and provide recommendations for revisions. Identify and manage cybersecurity risks; and implement controls to ensure the secure and delivery of mission critical services. Monitor and detect cybersecurity events; and implement appropriate response and recovery actions. Manage cybersecurity incident management handling, response, escalation and reporting in accordance with SPIN-C and other IA applicable regulations. Maintain cybersecurity posture IAW SPIN-C and applicable DoD, AF and USAFCENT directives and policy. Ensure all IT hardware/software products are configured IAW with Security Technical Implementation Guidance (STIG) and other relevant security configuration and implementation guidance. Ensure no unauthorized hardware/software is installed or used on Enterprise and AOC networks and systems. Utilize standard software tools to perform vulnerability scans of network equipment and software; and assist network, systems and client administrators in implementing corrective actions required when vulnerabilities are detected. Develop, update and maintain certification and accreditation documentation, including but not limited to DoD Risk Management Framework (RMF) artifacts, Plan of Action and Milestones (POA&Ms), waivers, and vulnerability mitigation plans. Assess the impact of changes on certification and accreditation packages, and advise the government accordingly. Process and coordinate system access authorization requests, software approval requests, firewall and proxy exemption requests/waivers, and other IA-related documents. Ensure IA-related documentation is current and accessible to authorized individuals. Research security issues affecting network/systems hardware and software, and provide recommended solutions. Ensure unit and individuals are in compliance with USAFCENT NOSC IA standards and guidance; and promote information security awareness. Assist with the sensitive and/or classified hard drive and removable media tracking, sanitization and destruction. Assist with the operation, management and administration of unit Communications Security (COMSEC) and Emissions Security (EMSEC), and Operations Security (OPSEC) programs, as required. Perform technical support and O&M activities for information assurance-related technical problems or requirements. Attend and participate in cybersecurity and CM meetings, as required. Develop and submit a Cybersecurity Monthly Status Report. Develop and submit IA advisories and ad-hoc reports, as required by the government.
5+ years experience in cyber security or information assurance. Bachelor’s degree in a related field. Must hold a certification in compliance with DoD 8570 IAM Level III (e.g. CISSP, CISM, GSLC). Experience with the certification and accreditation (C&A), assessment and authorization (A&A), and Risk Management Framework (RMF). Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems. Knowledge of intrusion prevention and network access control tools/systems. Must have experience with acquisition and sustainment. Understanding of system audit principles and security risk assessment. Must have a solid understanding of network infrastructure and mission assurance. Familiar with Federal government and DOD standards for IA/security including DIACAP, FISMA, NIST, and OMB. Must have solid communications skills and be capable of working with all levels of an organization. Must be a US Citizen and hold an active Secret clearance.
Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.