NOVA is hiring: WiFi Cybersecurity Subject Matter Expert in Dayton
NOVA, Dayton, OH, United States, 45444
WiFi Cybersecurity Subject Matter Expert US-OH-Dayton Job ID: 2024-5364 Type: Full-time Exempt, Salaried # of Openings: 1 Category: Other Dayton, OH (Wright Patterson AFB) Overview We are seeking a skilled and detail-oriented WiFi Cybersecurity Subject Matter Expert to join our team. The ideal candidate will be responsible for implementing, maintaining, and validating security controls to ensure compliance with rigorous cybersecurity standards and frameworks. This role involves working with advanced cybersecurity tools and methodologies, performing system assessments, and leading efforts to secure information systems in alignment with the Risk Management Framework (RMF). Responsibilities Ensure compliance with baseline cybersecurity controls as specified in CNSS Instruction (CNSSI) 1253, with a focus on the security categorization SC={C,L),(I,L),(A,L)}. Utilize the Air Force Enterprise Mission Assurance Support System (eMASS) to develop, document, and maintain system security plans (SSPs), assess controls, and implement cybersecurity measures. Implement all applicable Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs) to ensure secure configuration of Information Assurance (IA)-enabled components, including Commercial Off-The-Shelf (COTS) and Non-Developmental Items (NDI). Perform periodic analysis and secure configuration of systems to control software, hardware, and firmware, and mitigate unique risks. Conduct static analysis (source code analysis) and dynamic analysis (penetration testing) to ensure compliance with DISA Application Security & Development STIGs. Utilize automated tools such as those listed in the National Institute of Standards and Technology (NIST) Software Assurance Tools Survey to map findings back to corresponding DISA STIG checks by STIG ID. Serve as the lead for all cybersecurity-related activities, including system accreditation/re-accreditation, security validation testing through a DevSecOps process, and system compliance in cloud environments. Provide expertise in conducting cybersecurity inspections, tests, and reviews in alignment with Risk Management Framework (RMF) requirements and NIST SP 800-53 guidelines. Other duties as assigned. Qualifications Ability to maintain SECRET clearance and successfully pass a National Agency Check (NAC). Must hold an IAM Level II certification (e.g., CAP, CASP+, CISM, CISSP) in accordance with DoD Cybersecurity Workforce requirements. Minimum 3+ years of experience in network certification and accreditation. At least 7 years of Department of Defense (DoD) and/or private sector experience in information security, computer networking, or system administration. Must have experience implementing RMF requirements, utilizing eMASS for security control assessment, and ensuring compliance with DISA STIGs and SRGs. Familiarity with CNSSI 1253, NIST SP 800-53, and DoD Risk Management Framework Knowledge Service. Proven expertise in static and dynamic code security scanning using tools from the NIST Software Assurance Tools Survey, mapped to DISA STIGs. Diné Development Corporation (DDC) is a Navajo Nation owned family of companies that delivers IT, professional, and environmental solutions to advance the missions of federal, state, and tribal government agencies. As thought leaders and innovators, our team o