Senior Cyber Security Engineer with Security Clearance

Boston, MA, United States

McBride is a certified Minority–Owned Business Enterprise (MBE), Service–Disabled Veteran–Owned Small Business (SDVOSB), and Disadvantaged Business Enterprise (DBE) management and IT consulting firm with significant professional services experience that includes IT transformation, project management, digital transformation, strategic planning, business process improvement, change management, human capital management, disaster recovery, and operations. Background: Senior Cyber Security Engineer to support the Air Force Life Cycle Management Center/PEO Digital Directorate (AFLCMC/HB). The Air Force Program Execution Office for PEO Digital (AFPEO/HB) has the collective Air Force Materiel Command (AFMC) mission responsibility to manage and execute the modernization, development, testing, production, fielding, and sustainment of the PEO Digital portfolio, which includes over 130 programs for the United States Air Force (USAF) and foreign allies. AFLCMC/PEO Digital Directorate is headquartered at Hanscom Air Force Base, MA with geographically separated operating units CONUS and OCONUS.

You will be responsible for the following: 1. Assist with development of System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, Computer Certification and Accreditation, Security Vulnerability and Countermeasures Analyses, Security Concepts of Operations, and other system security engineering–related documents identified in MIL–STD 1785, DoDI 5000.02, Operation of the Adaptive Acquisition Framework, and DoDI 8510.01

2. Support the system/application Authorization and Accreditation (A&A) effort to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF)

3. Update, monitor, and manage information in systems for the program office

4. Process and manage system user account requests and process tools

5. Process and manage system port/protocol and access control list requirements

6. Process and manage system Public Key Infrastructure (PKI) identification and authorization requirements

7. Manage the distribution, implementation, remediation, and tracking of system security updates and configurations as required by the DoD

8. Recommend policies and procedures to ensure information systems reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and data

9. Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risk, and protection needs

10. Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations' vision and goals

11. Conduct systems security evaluations, audits and reviews

12. Recommend systems security contingency plans and disaster recovery procedures

13. Recommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures

14. Participate in network and systems design to ensure implementation of appropriate systems security policies

15. Recommend initial, or updates to, software and configurations to new or existing system security mechanisms

16. Obtain waivers to mandated security mechanisms/policies which would be detrimental to system performance and impact the system's mission

17. Facilitate the gathering, analysis and preservation of evidence used in the prosecution of computer

18. Provide leadership assistance in the analysis of the design, development, integration, implementation and testing of cybersecurity requirements

19. Develop risk–based strategies to address identified gaps

20. Review, analyze, and assess implementations of cybersecurity (i.e. RMF security controls) throughout the open systems architecture and associated services, derived requirements specifications, design documents & design implementation

21. Collaborate with stakeholders (Government and commercial) to ensure the system is approved by all Authorizing Officials via the RMF A&A process

22. Provide technical advice in the area of systems security across all systems and supports

23. Develop recommendations for the Government regarding how well designs satisfy current requirements and business goals

24. Maintain databases that reflect receipt, storage, inventory, and disposition of classified information to include data entry, updates, and generation of reports

25. Support Government program office in audits of Government classified holdings to ensure proper accountability

26. Maintain databases of classified visits and clearance levels

27. Perform inspection, inventory, logging, storage, documentation, transmittal and internal distribution of classified information received

28. Evaluate Contractor classified data submittals for compliance with the appropriate System Security Classification Guide (SSCG)

29. Provide security inspection and protection to areas where classified information is being stored, and develop and establish security procedures and policies IAW DOD, USAF, AFMC, and local directives

30. Develop training and provide security awareness and other security education programs 31. Review and verify personnel qualifications for access to special access programs 32. Develop, implement and maintain a communications security program

33. Assess program disclosure issues and provide FMS case management support

34. Assist and advise FMS program office management and leadership in interfacing with FMS customers and all USG organizations, including but not limited to SAF/IA, Air Force Security Assistance Center (AFSAC), Air Force Security Assistance Training (AFSAT) squadron, Defense Finance and Accounting Services (DFAS)

35. Support execution of all aspects of acquisition program security throughout a program's lifecycle

36. Assist with development of sound security practices and policies regarding acquisition, physical, personnel and documentation security

37. Update security classification guides 38. Prepare acquisition security related sections of acquisition program documentation

39. Review Contractor deliverables to ensure compliance with CDRLs 40. Plan and implement security–related surveys, assessments, and studies

41. Evaluate program security information and hardware throughout the program life cycle, to include studies, analyses, plans, procedures, production, test plans/results, transportation, technology, and storage of end items

42. Provide security support to source selections Required Qualifications: 1. 15 years of directly related experience, 8 of which must be in the DoD or other Government agencies.

2. Understanding of cybersecurity in DoD cloud infrastructure

3. Understanding of Agile methods, including CI/CD, DevSecOps, and DevOps

4. Possess the ability to effectively communicate in both written and verbal forms on highly technical topics

5. CISSP Certification preferred Location: Hanscom AFB, MA (potential for hybrid or remote) Education and Clearance

• Bachelor's Degree in a related field • US Secret or Top Secret Clearance McBride is an Equal Opportunity Employer. McBride Consulting does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non–disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.

#J-18808-Ljbffr