Odyssey Systems
Cybersecurity Engineer SME
Odyssey Systems, Colorado Springs, Colorado, United States, 80509
Position SummaryOdyssey Systems has an exciting opportunity for a
Cybersecurity Engineer SME
to serve as the ISSA/ISSO Manager. In this role, you will providesupport to the Command, Control, Communications, andBattle Management Division (C3BM).Command, Control, Communications, and Battle Management (C3BM) has been tasked with delivering an integrated Department of the Air Force (DAF) Battle Network providing resilient decision advantage and enabling the USAF, USSF, Joint, and Coalition Force to win against the pacing challenge. C3BM supports execution in many different focus areas. C3BM’s main efforts are Architecture and Systems Engineering (ASE), Operational Response Team (ORT), and multiple mission integration teams such as Air, Maritime and multiple acquisitions consisting of both the Advanced Battle Management System (ABMS) and Space.The Department of the Air Force (DAF) Battle Network is the integrated system-of-systems fusing sensors, effectors, and sustainment grids to build situational awareness, make operational decisions, and direct the force to create needed lethal and nonlethal effects in support of the Joint Force Commander’s scheme of maneuver. The DAF PEO C3BM has the responsibility of technically and programmatically integrating the DAF’s larger system-of-systems architecture needed to deliver an integrated Command and Control (C2) core function for the DAF, Joint, and Coalition forces, by teaming with all other DAF PEOs, as needed.This is a full-time position located at Space Force Base (SFB), in Colorado Springs, CO. This position allows telework flexibility for local candidates approximately 2 days per week – subject to change per the customer’s discretion.Responsibilities
Duties include, but not limited to:Assist with development of System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, Computer Certification and Accreditation, Security Vulnerability and Countermeasures Analyses, Security Concepts of Operations, and other system security engineering-related documents identified in MIL-STD 1785, DoDI 5000.02, Operation of the Adaptive Acquisition Framework, and DoDI 8510.01Support the system/application Authorization and Accreditation (A&A) effort to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF)Update, monitor, and manage information in systems for the program officeProcess and manage system user account requests and process toolsProcess and manage system port/protocol and access control list requirementsProcess and manage system Public Key Infrastructure (PKI) identification and authorization requirementsManage the distribution, implementation, remediation, and tracking of system security updates and configurations as required by the DoDRecommend policies and procedures to ensure information systems reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and dataConduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risk, and protection needsPromote awareness of security issues among management and ensuring sound security principles are reflected in organizations’ vision and goalsConduct systems security evaluations, audits and reviewsRecommend systems security contingency plans and disaster recovery proceduresRecommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and proceduresParticipate in network and systems design to ensure implementation of appropriate systems security policiesRecommend initial, or updates to, software and configurations to new or existing system security mechanismsObtain waivers to mandated security mechanisms/policies which would be detrimental to system performance and impact the system’s missionFacilitate the gathering, analysis and preservation of evidence used in the prosecution of computerProvide leadership assistance in the analysis of the design, development, integration, implementation and testing of cybersecurity requirementsDevelop risk-based strategies to address identified gapsReview, analyze, and assess implementations of cybersecurity(i.e. RMF security controls) throughout the open systems architecture and associated services, derived requirements specifications, design documents & design implementationCollaborate with stakeholders (Government and commercial) to ensure the system is approved by all Authorizing Officials via the RMF A&A processProvide technical advice in the area of systems security across all systems and supportsDevelop recommendations for the Government regarding how well designs satisfy current requirements and business goalsMaintain databases that reflect receipt, storage, inventory, and disposition of classified information to include data entry, updates, and generation of reportsSupport Government program office in audits of Government classified holdings to ensure proper accountabilityMaintain databases of classified visits and clearance levelsPerform inspection, inventory, logging, storage, documentation, transmittal and internal distribution of classified information receivedEvaluate Contractor classified data submittals for compliance with the appropriate System Security Classification Guide (SSCG)Provide security inspection and protection to areas where classified information is being stored, and develop and establish security procedures and policies IAW DOD, USAF, AFMC, and local directivesDevelop training and provide security awareness and other security education programsReview and verify personnel qualifications for access to special access programsDevelop, implement and maintain a communications security programAssess program disclosure issues and provide FMS case management supportAssist and advise FMS program office management and leadership in interfacing with FMS customers and all USG organizations, including but not limited to SAF/IA, Air Force Security Assistance Center (AFSAC), Air Force Security Assistance Training (AFSAT) squadron, Defense Finance and Accounting Services (DFAS)Support execution of all aspects of acquisition program security throughout a program’s lifecycleAssist with development of sound security practices and policies regarding acquisition, physical, personnel and documentation securityUpdate security classification guidesPrepare acquisition security related sections of acquisition program documentationReview Contractor deliverables to ensure compliance with CDRLsPlan and implement security-related surveys, assessments, and studiesEvaluate program security information and hardware throughout the program life cycle, to include studies, analyses, plans, procedures, production, test plans/results, transportation, technology, and storage of end itemsProvide security support to source selectionsQualifications
Minimum Required Qualifications:Citizenship:
Must be a US citizenClearance:
Must have an active Top Secret level clearance, eligible for TS/SCI and be able to maintain itCertification:
DoD IAM Level IIEducation:
Bachelor's DegreeYears’ experience:
Twenty-five (25) years of experience in the respective technical/professional discipline; to include fifteen (15) years of DoD experience ; OR,Master’s Degree in a related field and twenty (20) years of experience in the respective technical/professional discipline; to include twelve (12) years of DoD experienceAdditional experience:Risk Management Framework (RMF), with emphasis on taking projects from Step 1 to Step 5Vulnerability Management, Tenable Nessus (ACAS-DoD version of Nessus)Experience with DISA Security Technical Implementation Guides (STIG)Preferred Requirements:Clearance:
Active TS/SCIAdditional experience:Experience with Cross Domain Solutions and USAF CDS-E -
highly preferredCloud Service Models -
highly preferredSupply Chain SecurityExperience identifying Common Criteria and National Information Assurance Partnership (NIAP) certified technologies and the DISA Approved Products List (APL)DoD Policies for Procedures for CybersecurityProven experiencemonitoringnetwork security effectiveness ofsecurity controls and compliance policiesExperience developing plans, preparing, and executing tests againstendpointtechnologies used to secure systems to reducecyberriskFamiliarity with DoD Impact Levels and Supply Chain SecurityNational Security Agency (NSA)Type 1 encryptionWorking with CISSP - 16th AFAdditional Information:Location:
Peterson Space Force Base (SFB), in Colorado Springs, COHybrid:
Telework flexibility for local candidates approximately 2 days per week – subject to change per the customer’s discretion.Travel requirement:
CONUS travel up to 20% may be required to Hanscom Air Force Base (AFB), in Bedford, MA - per the customer's discretion.#LI-MK1#hybridCompany Overview
Odyssey Systems Consulting Group,
is an innovative small business committed to providing world-class technical, management, and training support services to government and public sector clients. We focus on people, processes, and performance to deliver superior results. Since our inception in 1997, our commitment to mission success and customer satisfaction has been recognized with exponential growth and exceptional past performance ratings. We accept challenging assignments and drive projects from the planning stages, through implementation, and into operations and support.Please note:
Final compensation for this position will be determined by various factors such as the Federal Government contract labor categories and contract wage rates, relevant work experience, specific skills and competencies, geographic location, education, and certifications.Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
#J-18808-Ljbffr
Cybersecurity Engineer SME
to serve as the ISSA/ISSO Manager. In this role, you will providesupport to the Command, Control, Communications, andBattle Management Division (C3BM).Command, Control, Communications, and Battle Management (C3BM) has been tasked with delivering an integrated Department of the Air Force (DAF) Battle Network providing resilient decision advantage and enabling the USAF, USSF, Joint, and Coalition Force to win against the pacing challenge. C3BM supports execution in many different focus areas. C3BM’s main efforts are Architecture and Systems Engineering (ASE), Operational Response Team (ORT), and multiple mission integration teams such as Air, Maritime and multiple acquisitions consisting of both the Advanced Battle Management System (ABMS) and Space.The Department of the Air Force (DAF) Battle Network is the integrated system-of-systems fusing sensors, effectors, and sustainment grids to build situational awareness, make operational decisions, and direct the force to create needed lethal and nonlethal effects in support of the Joint Force Commander’s scheme of maneuver. The DAF PEO C3BM has the responsibility of technically and programmatically integrating the DAF’s larger system-of-systems architecture needed to deliver an integrated Command and Control (C2) core function for the DAF, Joint, and Coalition forces, by teaming with all other DAF PEOs, as needed.This is a full-time position located at Space Force Base (SFB), in Colorado Springs, CO. This position allows telework flexibility for local candidates approximately 2 days per week – subject to change per the customer’s discretion.Responsibilities
Duties include, but not limited to:Assist with development of System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, Computer Certification and Accreditation, Security Vulnerability and Countermeasures Analyses, Security Concepts of Operations, and other system security engineering-related documents identified in MIL-STD 1785, DoDI 5000.02, Operation of the Adaptive Acquisition Framework, and DoDI 8510.01Support the system/application Authorization and Accreditation (A&A) effort to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF)Update, monitor, and manage information in systems for the program officeProcess and manage system user account requests and process toolsProcess and manage system port/protocol and access control list requirementsProcess and manage system Public Key Infrastructure (PKI) identification and authorization requirementsManage the distribution, implementation, remediation, and tracking of system security updates and configurations as required by the DoDRecommend policies and procedures to ensure information systems reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and dataConduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risk, and protection needsPromote awareness of security issues among management and ensuring sound security principles are reflected in organizations’ vision and goalsConduct systems security evaluations, audits and reviewsRecommend systems security contingency plans and disaster recovery proceduresRecommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and proceduresParticipate in network and systems design to ensure implementation of appropriate systems security policiesRecommend initial, or updates to, software and configurations to new or existing system security mechanismsObtain waivers to mandated security mechanisms/policies which would be detrimental to system performance and impact the system’s missionFacilitate the gathering, analysis and preservation of evidence used in the prosecution of computerProvide leadership assistance in the analysis of the design, development, integration, implementation and testing of cybersecurity requirementsDevelop risk-based strategies to address identified gapsReview, analyze, and assess implementations of cybersecurity(i.e. RMF security controls) throughout the open systems architecture and associated services, derived requirements specifications, design documents & design implementationCollaborate with stakeholders (Government and commercial) to ensure the system is approved by all Authorizing Officials via the RMF A&A processProvide technical advice in the area of systems security across all systems and supportsDevelop recommendations for the Government regarding how well designs satisfy current requirements and business goalsMaintain databases that reflect receipt, storage, inventory, and disposition of classified information to include data entry, updates, and generation of reportsSupport Government program office in audits of Government classified holdings to ensure proper accountabilityMaintain databases of classified visits and clearance levelsPerform inspection, inventory, logging, storage, documentation, transmittal and internal distribution of classified information receivedEvaluate Contractor classified data submittals for compliance with the appropriate System Security Classification Guide (SSCG)Provide security inspection and protection to areas where classified information is being stored, and develop and establish security procedures and policies IAW DOD, USAF, AFMC, and local directivesDevelop training and provide security awareness and other security education programsReview and verify personnel qualifications for access to special access programsDevelop, implement and maintain a communications security programAssess program disclosure issues and provide FMS case management supportAssist and advise FMS program office management and leadership in interfacing with FMS customers and all USG organizations, including but not limited to SAF/IA, Air Force Security Assistance Center (AFSAC), Air Force Security Assistance Training (AFSAT) squadron, Defense Finance and Accounting Services (DFAS)Support execution of all aspects of acquisition program security throughout a program’s lifecycleAssist with development of sound security practices and policies regarding acquisition, physical, personnel and documentation securityUpdate security classification guidesPrepare acquisition security related sections of acquisition program documentationReview Contractor deliverables to ensure compliance with CDRLsPlan and implement security-related surveys, assessments, and studiesEvaluate program security information and hardware throughout the program life cycle, to include studies, analyses, plans, procedures, production, test plans/results, transportation, technology, and storage of end itemsProvide security support to source selectionsQualifications
Minimum Required Qualifications:Citizenship:
Must be a US citizenClearance:
Must have an active Top Secret level clearance, eligible for TS/SCI and be able to maintain itCertification:
DoD IAM Level IIEducation:
Bachelor's DegreeYears’ experience:
Twenty-five (25) years of experience in the respective technical/professional discipline; to include fifteen (15) years of DoD experience ; OR,Master’s Degree in a related field and twenty (20) years of experience in the respective technical/professional discipline; to include twelve (12) years of DoD experienceAdditional experience:Risk Management Framework (RMF), with emphasis on taking projects from Step 1 to Step 5Vulnerability Management, Tenable Nessus (ACAS-DoD version of Nessus)Experience with DISA Security Technical Implementation Guides (STIG)Preferred Requirements:Clearance:
Active TS/SCIAdditional experience:Experience with Cross Domain Solutions and USAF CDS-E -
highly preferredCloud Service Models -
highly preferredSupply Chain SecurityExperience identifying Common Criteria and National Information Assurance Partnership (NIAP) certified technologies and the DISA Approved Products List (APL)DoD Policies for Procedures for CybersecurityProven experiencemonitoringnetwork security effectiveness ofsecurity controls and compliance policiesExperience developing plans, preparing, and executing tests againstendpointtechnologies used to secure systems to reducecyberriskFamiliarity with DoD Impact Levels and Supply Chain SecurityNational Security Agency (NSA)Type 1 encryptionWorking with CISSP - 16th AFAdditional Information:Location:
Peterson Space Force Base (SFB), in Colorado Springs, COHybrid:
Telework flexibility for local candidates approximately 2 days per week – subject to change per the customer’s discretion.Travel requirement:
CONUS travel up to 20% may be required to Hanscom Air Force Base (AFB), in Bedford, MA - per the customer's discretion.#LI-MK1#hybridCompany Overview
Odyssey Systems Consulting Group,
is an innovative small business committed to providing world-class technical, management, and training support services to government and public sector clients. We focus on people, processes, and performance to deliver superior results. Since our inception in 1997, our commitment to mission success and customer satisfaction has been recognized with exponential growth and exceptional past performance ratings. We accept challenging assignments and drive projects from the planning stages, through implementation, and into operations and support.Please note:
Final compensation for this position will be determined by various factors such as the Federal Government contract labor categories and contract wage rates, relevant work experience, specific skills and competencies, geographic location, education, and certifications.Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
#J-18808-Ljbffr