B52, UAI, B1 Anti-tamper/CISSP Engineer (13:ID-ACC-009) Dayton, Ohio
Solidus is searching for an Anti-tamper/Certification and Accreditation Engineer to support the Development, Integration and Transition Division, which provides a single point for the Fighters and Bombers Directorate to acquire unique technologies and development efforts to transition new capabilities to the warfighter, as well as closing out completed acquisition programs within the Program Executive Officer (PEO) portfolio. The current focus of the Division is ongoing oversight of the B-52 modernization programs as well as transitioning B-1 mod programs to Tinker AFB. The Division is currently managing several Acquisition Category II and III programs for the B-1 and B-52 that will significantly improve the supportability, flexibility and lethality of numerous weapons systems. Positions include support to Light Air Support (LAS), Universal Armament Interface (UAI), Directorate functions and other Division programs as required.
In particular, this position requires:
- Proficient using the standard Microsoft Office toolset and other security management support software as required.
- Certified systems security professional possessing at least 10 years of experience implementing the Information Assurance Technical Framework (IATF) processes and in the discovery of information protection needs. Be knowledgeable in design systems and security controls and technical, personnel, or management solutions to effectively and efficiently satisfy these requirements. The discipline includes concepts of defense in depth, risk assessment, and the systems lifecycle. Required certification is "Certified Information System Security Professional (CISSP) or CompTIA Advanced Security Practitioner (CASP)".
Support the following:
1) Implementation of IA Controls: Possesses experience associated with the application of specific safeguards or through the regulation of specific activities that is expressed in a specified format (i.e., a control number, a control name, control text, and a control class).
2) Information Security: Be knowledgeable of security best practices and industry standards used in protecting data from unauthorized access and prevention of the use, disclosure, destruction, modification, or disruption to access.
3) Economics of Security: Capable of evaluating aspects of economics of privacy and security when associated with protection schema or security options.
4) Physical Security: Proficient at evaluating measures that are designed to deny access to unauthorized personnel (including attackers or even accidental intruders) from physically accessing a building, facility, resource, or stored information; and guidance on how to design structures to resist potentially hostile acts. Familiarity at preparing attack trees is considered a plus.
5) Support Security/IA Certification and Accreditation (IA C&A): Possesses knowledge and professional certifications associated with the standard DoD approach for identifying information security requirements, providing security solutions, and managing the security of DoD information systems. Experience as a Certification Authority or Designated Approving Authority.
6) Program Protection: Experienced at integrating engineering processes for mitigating and managing risks to advanced technology and mission-critical system functionality from foreign collection, design vulnerability, or supply chain exploitation/insertion, battlefield loss, and unauthorized or inadvertent disclosure throughout the acquisition lifecycle. Must be knowledgeable in all aspects of the preparation and maintenance of the Program Protection Plan which includes: a) Conduct of Identification and Criticality Analysis to implement protection of Critical Program Information (CPI) and Critical Technology (CT), b) Experience functioning as the program focal point for Threat Analysis/Assessment required by the DoD acquisition community to assess program and supplier risks, c) Perform with vulnerability assessment procedures, tools and techniques which identify system vulnerabilities.
- Senior: 10 years engineering experience in the required task area of which 5 years shall be in the recognized specialty area
Applicants selected must meet eligibility requirements for access to classified information. U.S. Citizenship may be required. Solidus is an Affirmative Action and Equal Opportunity Employer.