ASTRION, INC.
Cybersecurity Engineer
ASTRION, INC., Bedford, Massachusetts, us, 01730
Overview
Be the Difference
Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S.Astrion has an exciting opportunity for a
Cybersecurity Engineer
to support the Air Force Life Cycle Management Center/PEO Digital Directorate (AFLCMC/HB).The Air Force Program Execution Office for PEO Digital (AFPEO/HB) has the collective Air Force Materiel Command (AFMC) mission responsibility to manage and execute the modernization, development, testing, production, fielding, and sustainment of the PEO Digital portfolio, which includes over 130 programs for the United States Air Force (USAF) and foreign allies.This is a full-time position located at Hanscom Air Force Base, MA.Responsibilities:
Duties include, but not limited to:Assist with development of System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, Computer Certification and Accreditation, Security Vulnerability and Countermeasures Analyses, Security Concepts of Operations, and other system security engineering-related documents identified in MIL-STD 1785, DoDI 5000.02, Operation of the Adaptive Acquisition Framework, and DoDI 8510.01Support the system/application Authorization and Accreditation (A&A) effort to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF)Update, monitor, and manage information in systems for the program officeProcess and manage system user account requests and process toolsProcess and manage system port/protocol and access control list requirementsProcess and manage system Public Key Infrastructure (PKI) identification and authorization requirementsManage the distribution, implementation, remediation, and tracking of system security updates and configurations as required by the DoDRecommend policies and procedures to ensure information systems reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and dataConduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risk, and protection needsPromote awareness of security issues among management and ensuring sound security principles are reflected in organizations' vision and goalsConduct systems security evaluations, audits and reviewsRecommend systems security contingency plans and disaster recovery proceduresRecommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and proceduresParticipate in network and systems design to ensure implementation of appropriate systems security policiesRecommend initial, or updates to, software and configurations to new or existing system security mechanismsObtain waivers to mandated security mechanisms/policies which would be detrimental to system performance and impact the system's missionFacilitate the gathering, analysis and preservation of evidence used in the prosecution of computerProvide leadership assistance in the analysis of the design, development, integration, implementation and testing of cybersecurity requirementsDevelop risk-based strategies to address identified gapsReview, analysize, and assess implementations of cybersecurity (i.e. RMF security controls) throughout the open systems architecture and associated services, derived requirements specifications, design documents & design implementationCollaborate with stakeholders (Government and commercial) to ensure the system is approved by all Authorizing Officials via the RMF A&A processProvide technical advice in the area of systems security across all systems and supportsDevelop recommendations for the Government regarding how well designs satisfy current requirements and business goalsMaintain databases that reflect receipt, storage, inventory, and disposition of classified information to include data entry, updates, and generation of reportsSupport Government program office in audits of Government classified holdings to ensure proper accountabilityMaintain databases of classified visits and clearance levelsPerform inspection, inventory, logging, storage, documentation, transmittal and internal distribution of classified information receivedEvaluate Contractor classified data submittals for compliance with the appropriate System Security Classification Guide (SSCG)Provide security inspection and protection to areas where classified information is being stored, and develop and establish security procedures and policies IAW DOD, USAF, AFMC, and local directivesDevelop training and provide security awareness and other security education programsReview and verify personnel qualifications for access to special access programsDevelop, implement and maintain a communications security programAssess program disclosure issues and provide FMS case management supportAssist and advise FMS program office management and leadership in interfacing with FMS customers and all USG organizations, including but not limited to SAF/IA, Air Force Security Assistance Center (AFSAC), Air Force Security Assistance Training (AFSAT) squadron, Defense Finance and Accounting Services (DFAS)Support execution of all aspects of acquisition program security throughout a program's lifecycleAssist with development of sound security practices and policies regarding acquisition, physical, personnel and documentation securityUpdate security classification guidesPrepare acquisition security related sections of acquisition program documentationReview Contractor deliverables to ensure compliance with CDRLsPlan and implement security-related surveys, assessments, and studiesEvaluate program security information and hardware throughout the program life cycle, to include studies, analyses, plans, procedures, production, test plans/results, transportation, technology, and storage of end itemsProvide security support to source selections.Qualifications:
Citizenship:
Must be a US citizenClearance
:
Must have an active US secuerity clearanceEducation:
Bachelor's degreeYears' experience:
15 years or more of directly related experience, 6 years of which must be in the DoDUnderstanding of cybersecurity in DoD cloud infrastructureUnderstanding of Agile methods, including CI/CD, DevSecOps, and DevOpsPossess the ability to effectively communicate in both written and verbal forms on highly technical topicsWhat We OfferCompetitive salariesContinuing education assistanceProfessional development allotmentMultiple healthcare benefits packages401K with employer matchingPaid time off (PTO) along with a federally recognized holiday schedule
Who We Are
At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to "Be the Difference". This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves.We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and pushing the boundaries of what's possible. We promote collaboration and empowering our teams is at the core of our success.
Join Astrion and Be the Difference in your career and the world!
Astrion is an Equal Employment Opportunity/Affirmative Action Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
Be the Difference
Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S.Astrion has an exciting opportunity for a
Cybersecurity Engineer
to support the Air Force Life Cycle Management Center/PEO Digital Directorate (AFLCMC/HB).The Air Force Program Execution Office for PEO Digital (AFPEO/HB) has the collective Air Force Materiel Command (AFMC) mission responsibility to manage and execute the modernization, development, testing, production, fielding, and sustainment of the PEO Digital portfolio, which includes over 130 programs for the United States Air Force (USAF) and foreign allies.This is a full-time position located at Hanscom Air Force Base, MA.Responsibilities:
Duties include, but not limited to:Assist with development of System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, Computer Certification and Accreditation, Security Vulnerability and Countermeasures Analyses, Security Concepts of Operations, and other system security engineering-related documents identified in MIL-STD 1785, DoDI 5000.02, Operation of the Adaptive Acquisition Framework, and DoDI 8510.01Support the system/application Authorization and Accreditation (A&A) effort to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF)Update, monitor, and manage information in systems for the program officeProcess and manage system user account requests and process toolsProcess and manage system port/protocol and access control list requirementsProcess and manage system Public Key Infrastructure (PKI) identification and authorization requirementsManage the distribution, implementation, remediation, and tracking of system security updates and configurations as required by the DoDRecommend policies and procedures to ensure information systems reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and dataConduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risk, and protection needsPromote awareness of security issues among management and ensuring sound security principles are reflected in organizations' vision and goalsConduct systems security evaluations, audits and reviewsRecommend systems security contingency plans and disaster recovery proceduresRecommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and proceduresParticipate in network and systems design to ensure implementation of appropriate systems security policiesRecommend initial, or updates to, software and configurations to new or existing system security mechanismsObtain waivers to mandated security mechanisms/policies which would be detrimental to system performance and impact the system's missionFacilitate the gathering, analysis and preservation of evidence used in the prosecution of computerProvide leadership assistance in the analysis of the design, development, integration, implementation and testing of cybersecurity requirementsDevelop risk-based strategies to address identified gapsReview, analysize, and assess implementations of cybersecurity (i.e. RMF security controls) throughout the open systems architecture and associated services, derived requirements specifications, design documents & design implementationCollaborate with stakeholders (Government and commercial) to ensure the system is approved by all Authorizing Officials via the RMF A&A processProvide technical advice in the area of systems security across all systems and supportsDevelop recommendations for the Government regarding how well designs satisfy current requirements and business goalsMaintain databases that reflect receipt, storage, inventory, and disposition of classified information to include data entry, updates, and generation of reportsSupport Government program office in audits of Government classified holdings to ensure proper accountabilityMaintain databases of classified visits and clearance levelsPerform inspection, inventory, logging, storage, documentation, transmittal and internal distribution of classified information receivedEvaluate Contractor classified data submittals for compliance with the appropriate System Security Classification Guide (SSCG)Provide security inspection and protection to areas where classified information is being stored, and develop and establish security procedures and policies IAW DOD, USAF, AFMC, and local directivesDevelop training and provide security awareness and other security education programsReview and verify personnel qualifications for access to special access programsDevelop, implement and maintain a communications security programAssess program disclosure issues and provide FMS case management supportAssist and advise FMS program office management and leadership in interfacing with FMS customers and all USG organizations, including but not limited to SAF/IA, Air Force Security Assistance Center (AFSAC), Air Force Security Assistance Training (AFSAT) squadron, Defense Finance and Accounting Services (DFAS)Support execution of all aspects of acquisition program security throughout a program's lifecycleAssist with development of sound security practices and policies regarding acquisition, physical, personnel and documentation securityUpdate security classification guidesPrepare acquisition security related sections of acquisition program documentationReview Contractor deliverables to ensure compliance with CDRLsPlan and implement security-related surveys, assessments, and studiesEvaluate program security information and hardware throughout the program life cycle, to include studies, analyses, plans, procedures, production, test plans/results, transportation, technology, and storage of end itemsProvide security support to source selections.Qualifications:
Citizenship:
Must be a US citizenClearance
:
Must have an active US secuerity clearanceEducation:
Bachelor's degreeYears' experience:
15 years or more of directly related experience, 6 years of which must be in the DoDUnderstanding of cybersecurity in DoD cloud infrastructureUnderstanding of Agile methods, including CI/CD, DevSecOps, and DevOpsPossess the ability to effectively communicate in both written and verbal forms on highly technical topicsWhat We OfferCompetitive salariesContinuing education assistanceProfessional development allotmentMultiple healthcare benefits packages401K with employer matchingPaid time off (PTO) along with a federally recognized holiday schedule
Who We Are
At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to "Be the Difference". This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves.We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and pushing the boundaries of what's possible. We promote collaboration and empowering our teams is at the core of our success.
Join Astrion and Be the Difference in your career and the world!
Astrion is an Equal Employment Opportunity/Affirmative Action Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.