Apply on Employer Site

Tlingit Haida Tribal Business Corporation · 3 days ago

Information Systems Security Manager/Engineer

Dayton, OH

Full-time

Hybrid

Senior Level

$130K/yr - $175K/yr

7+ years exp

Tlingit Haida Tribal Business Corporation (THTBC) is dedicated to creating meaningful economic opportunity and growth for the Tlingit & Haida Tribes of Alaska. The Cybersecurity Engineer will support the sustainment and modification of the USAF Electronic Technical Information Management System by ensuring compliance with cybersecurity requirements and integrating security measures into information systems.

ConstructionContact ManagementInnovation Management

Comp. & Benefits

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Serving as a subject matter expert in security architecture to include providing advice to Program Managers, Customer technical experts, and internal program teams

Ensure all products, deliverables, and activities align with Federal, CNSS, DoD, and AF cybersecurity policies, including:

Integrate cybersecurity considerations into Continuous Integration/Continuous Deployment (CI/CD) methodologies and program management schedules

Identify, manage, verify, and trace security controls across the entire system lifecycle, ensuring alignment with Test & Evaluation (T&E) and overall risk management processes

Implement and document comprehensive cybersecurity assurance measures across all layers of the TCP/IP model (network, transport, application, data link, and physical)

Develop and maintain RMF documentation and artifacts, including Security Plans, Vulnerability Assessments, and Test Results, to support system authorization

Ensure compliance with DoDI 8520.02 (PKI and PK Enabling) and DoDI 8520.03 (Identity Authentication), maintaining standardized encryption, digital signature, and authentication mechanisms

Deliver secure applications compliant with DISA STIGs and Cloud One cybersecurity requirements

Conduct static application security testing (SAST) using PMO-approved tools and maintain a Software Bill of Materials (SBOM) for each release (e.g., SPDX, CycloneDX, SWID)

Apply secure coding standards (e.g., OWASP Top Ten, CERT) and ensure prompt remediation of vulnerabilities

Generate and provide cybersecurity testing reports, mapping findings to applicable STIG and Cloud One controls

Use automated tools and processes wherever practical, seeking PMO approval for any deviations

Perform other duties as assigned

Qualification

NIST RMFDoD 8500-seriesCybersecurity complianceSASTCI/CD security integrationAdvanced certificationSecure coding standardsVulnerability assessmentsCloud One environmentsSecurity architecture

Required

Seven (7) years of experience supporting DoD or Air Force cybersecurity programs

Compliant with DoDI 8140 Intermediate Level Certifications (Security+, CySA, CAP, CASP CE, CISM, CISSP or Associate)

Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field

Strong knowledge of NIST RMF, DoD 8500-series, and DISA STIG compliance

Experience with SAST, SBOM tools, and secure software development practices

Experience supporting AF programs or Cloud One environments

Familiarity with CI/CD security integration and automated compliance tools

Must be able to satisfactorily obtain and maintain a government security clearance as required by the contract

Must be able to maintain ability to access government worksite

Must possess and maintain a valid state driver's license and a safe driving record, in accordance with company policy, to operate vehicles or equipment as required for the position