Torch Technologies is seeking a Cybersecurity Engineer located within Kettering, OH (Dayton/WPAFB area) to join a team supporting our EPASS GB contract. As part of the AFLCMC/GB Business and Enterprise Systems Directorate (BES), the The Maintenance, Repair, and Overhaul - Supply (MRO-S) program provides for the acquisition, development, and deployment of Enterprise Resource Planning (ERP) software that supports the wholesale and depot retail supply of the air force Supply Chain initiative (SCi). MRO-S will support the three (3) Air Logistics Complexes (ALCs) located at Tinker Air Force Base (AFB), Oklahoma; Robins AFB, Georgia; and Hill AFB, Utah, and Kadena Air Base, Japan.
ESSENTIAL DUTIES/POSITION DESCRIPTION:
This position requires a highly motivated individual with vast experience. The successful candidate will provide the PMO/Capability Development Manager (CDM) cybersecurity support per DoDI 8500.01. Support includes assessing and continuously monitoring cybersecurity risk ensuring that legacy and new capabilities adhere to enterprise standards such as Risk Management Framework (RMF), Cybersecurity Framework (CSF), and National Institute of Standards and Technology (NIST) and per Authorization Official’s Information System’s Continuous Monitoring (ISCM) strategy.
This position will act as the primary cybersecurity technical advisor to the AO, PM, and ISO. This position ensures the integration of cybersecurity into, and throughout, the lifecycle of the IT, on behalf of the AO and in accordance with DoDI 8510.01 for the following:
- Completes and maintains required cybersecurity certification IAW AFMAN 17-1303;
- Leads efforts in the detection, identification, and reporting of possible cyber attacks/intrusions, anomalous activities, and misuse activities.
- Uses Computer Network Defense (CND) tools for continual monitoring and vulnerability testing and analysis of system activity to identify malicious activity.
- Determines appropriate course of action in response to identified cyber security incidents or anomalous network activity.
- Correlates incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
- Recommends enterprise protection measures based on incident trends.
- Prepares detailed recommendations for network defense improvements to close or mitigate incidents.
- Completes cyber incident reports detailing incident findings and mitigation/remediation recommendations.
- Develops and documents incident response guidance, processes, and procedures.
The successful candidate has the knowledge, experience and recognized ability to be considered highly skilled in their technical/professional field. Possesses the ability to perform tasks independently and oversee the efforts of junior and journeyman contractor personnel within the technical/professional discipline. Demonstrates advanced knowledge of their technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures and practices in their area of expertise (Program Office, Enterprise and Staff Level Support interface).
All Cybersecurity professionals should possess experience providing guidance on the following to include, but not limited to:
- Access control.
- Configuration management.
- System and communications protection.
- Contingency planning.
- Incident handling.
- System and information integrity.
- Security and privacy training and awareness; and,
- Software development activities, software and tools related to Cybersecurity.
Experience performing cybersecurity duties as outlined in DoDI 8500.01, AFI 17-130, and AFI 17-1301 for assigned AF IT.
Experience validating, evaluating and analyzing finding results and developer adjudications using automated testing tools, e.g., Fortify, Checkmarx, SonarQube, and AppScan.
Experience utilizing DoD tracking systems to input/document cybersecurity deficiencies, vulnerabilities, and change requests in the appropriate tracking system for each program, e.g., Jira, HP ALM, and eMASS.
Experience with conducting information security continuous monitoring (ISCM) by maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions IAW approved ISCM strategy.
EDUCATION:
Bachelor's Degree in a related field and 10 years of experience is required.
CERTIFICATION REQUIREMENTS:
At a minimum, the successful candidate will meet the requirements for and maintain an IAM Level III Cybersecurity certification by possessing at least one of the following certifications as directed by DoD 8140 and outlined in DoD 8570.01 -M, Appendix3, Table 2,2 AFMAN 17-1303:
- ISACA CISM
- (ISC)2 CISSP
- GIAC GSLC
- EC Council CCISO
Additional Desired Certifications:
- Certified SCRUM Master
- Other Agile Certifications
OTHER QUALIFICATIONS:
Candidate must be a US Citizen
Candidate must possess and be able to maintain a T3/Secret Clearance
The following skills are highly desirable but not required for this position:
- Working knowledge of the Agile Development methodology
- Experience using any, or all, of the following tools (Desired):
- CheckMarx
- SonarQube
- Jira
- Confluence
- Mavin
- Jenkins
- Bitbucket
U.S. Citizenship Required for this Position: Yes
Job Type: Full time
Security Clearance: Tier 3/Secret
Schedule: (M-F; 8-5)
Work Location: Kettering, OH office
Travel: <10%
Relocation Assistance Available: No
Position Contingent Upon Award of Contract: No
Benefits:
Torch Technologies is proud to offer a stable and professional work environment, a competitive salary, and an excellent, comprehensive benefit package including: ESOP participation, 401(k) match and safe-harbor contribution, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, Health Saving Accounts and Health Reimbursement Accounts, EAP, education assistance, paid time off, and holidays.
Applying to Torch Technologies:
Only those candidates invited for an interview will be contacted. Employment at Torch Technologies is contingent upon the successful completion of a comprehensive background check.
Applying to Torch Technologies:
Only those candidates invited for an interview will be contacted. Employment at Torch Technologies is contingent upon the successful completion of a comprehensive background check.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, citizenship, ancestry, marital status, protected veteran status, disability status or any other status protected by federal, state, or local law. Torch Technologies, Inc. participates in E-Verify.
