Apply on Employer Site

Credence · 12 hours ago

Cybersecurity System Integrity Engineering Support Senior F-16 WAM (Top-Secret)

Hill Air Force Base, UT

Full-time

Onsite

Senior Level, Lead/Staff

10+ years exp

Credence is a technology-driven company supporting mission-critical needs for defense and health federal organizations. They are seeking a Senior Cybersecurity System Integrity Engineering Support professional to support the Air Force Life Cycle Management Center's F-16 division, ensuring compliance with cybersecurity directives and providing technical support for system integrity engineering.

GovTechInformation TechnologySoftware

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Will support to assure compliance to the most current revision of the Cybersecurity directives applicable to PIT and non-PIT systems being supported to include DoD Risk Management Framework (RMF), DoD Instruction 8500.01, Intelligence Community Directive (ICD) 503, Unified Facilities Criteria (UFC) 4-010-06, NIST SP 800-53 Revision 5, directives/guidance identified in the Program Protection Plan (PPP) and/or DoD Instruction 5200.48

Will provide Cybersecurity and IA support to assigned systems to includes developing, modifying, reviewing or coordinating PIT determination packages, IAS, IAP, SSP, artifacts for program reviews and RFPs

Shall assist with the execution of the IA RMF to support A&A of assigned systems and will assist with evaluating the technical implementation of the security design to ascertain that security software, hardware, and firmware features affecting confidentiality, integrity, availability, accountability, and non-repudiation have been implemented as documented in the DoD Instruction 8500.01, Intelligence Community Directive (ICD) 503, Unified Facilities Criteria (UFC) 4-010-06, NIST SP 800-53 Revision 5, and/ or DoD Instruction 5200.48

Shall assist to review required program office artifacts and make recommendations to support IA RMF analysis and recommendation to the program office

Shall assist in developing an A&A report and an A&A presentation for each required system to include IATT, IATO ATO, and Authority to Connect (ATC)

Shall assist in managing, planning, documenting and conducting Independent Verification & Validation (IV&V) of security requirements for weapon systems

Shall assist with evaluating the technical implementation of the security design to ascertain that security software, hardware and firmware features affecting confidentiality, integrity, availability, accountability and non-repudiation have been implemented as documented in the DoD Instruction 8500.01, Intelligence Community Directive (ICD) 503, Unified Facilities Criteria (UFC) 4-010-06, NIST SP 800-53 Revision 5, and/ or DoD Instruction 5200.48 and that the features perform properly

Shall assist with document and report IV&V test plans, results, anomaly reports, recommendations, activity reports and other special reports as required

Will support IA site audits to verify architecture analysis, IA requirements and controls, verify mitigation actions, witness IA testing and evaluation, and to support final approval for IATT, IATO, and/or ATO/ATC

Shall assist to document and report IA site audit findings and recommendations to the Program Office

Shall assist to review and make recommendations to the Systems Engineering AT Certifying Officials regarding critical technologies requiring protection, PPP, AT plans, techniques, threats/vulnerabilities, risk and results

Will support monitoring and evaluating AT efforts for impacts to the program and provide recommendations to the PM

Shall assist with reviewing the program's Critical Program Information/ Critical Technology (CPI/CT) list

Shall support the program office SE Team and the AT DoD Executive Agent to produce new CPI/CT lists

Shall assist in ensuring that AT events are incorporated into the SEP and IMS and will support identifying and documenting the threat, vulnerability, attack scenarios, impacts if exploited and the exploitation timeline

Shall assist with identifying the software pedigree and quality assurance issues and document the results. Will support software security analysis to assess the vulnerabilities and risks and will assist to document and report results to the PM and the Certification Authority Representative

Shall assist with developing an approach for performing operational SWA sensitivity analysis and will assist with developing SWA test metrics for inputs to the TEMP

Will provide support to conduct risk assessments and will assist with performing hardware security analysis to assess the vulnerabilities and risks

Shall assist the Program Office with OSS&E and Communication, Navigation and Surveillance/ Air Traffic Management (CNS/ATM) airworthiness assessment for certification to ensure that DoD aircraft are safe and that they meet the requirements of the FAA in the U.S. and the International Civil Aviation Organization (ICAO)

Shall submit deliverables in writing and update the deliverables in the technical source data, contained in the following master documentation:

Architectural Analysis Report (AAR)

Requirements Drawing Data Path Identification Data Type Identification System Security Plan (SSP)

Security Control Traceability Matrix (SCTM) Risk Assessment Report (RAR)

Hardware and Memory Architectural Analysis Report (HAMMAR) Cybersecurity Impact Evaluation Recommendation (CIER) Interim Authority to Operate/Test (IATT)

Authority to Operate (ATO)

Supply Chain Risk Management (SCRUM) Program Protection Plan (PPP)

Anti-Tamper Plan (AT)

Critical Program Information Identification (CPI) Residual CPI

Criticality Analysis (CA)

Counterintelligence Support Plan (CISP) Security Classification Guide (SCG) Cybersecurity Strategy (CSS)

Shall assist to submit written reports, including, but not limited to, technical evaluation reports, white papers, and comment matrices on the above technical areas to the program office

Will support the development of PIT process and PIT guidance for the program office and shall assist in developing, reviewing, or assisting the U.S. Government and other supporting Contractors, to identify any "sensitive" media that should not be placed into the public domain (e.g., Classified, For Official Use Only (CUI)), as well as ensuring applicable Distribution Statement, Handling and Destruction Notice, Warning Statement (for technical information with space/military application under the ITAR or the Export Administration Regulations (EAR) for dual-use technologies), along with the expanded exemption statement are applied IAW AFI 61-204, and DoD 5400.7-R

Shall assist to properly mark, properly handle, secure, and dispose of any sensitive media in the Contractor's immediate control

Will advise or alert the U.S. Government, and other supporting Contractors of these requirements, for any sensitive media received which is not appropriately marked

Shall support all training (classroom and computer based) and keep accurate records of completed training

Will support cryptography analysis and assist in conducting Supply Chain Risk Management (SCRM)

Shall assist in developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents, including, but not limited to, the acquisition strategy, SEP, PPP, and SSP

Shall assist to review and provide advisory assistance in evaluating cybersecurity system integrity engineering support which may include procedures associated with handling Critical Program Information (CPI) / Critical Components (CC) from unclassified material, up to and including Top Secret (TS), special access and Sensitive Compartmented Information (SCI)

Qualification

CISSP CertificationSystems EngineeringInformation AssuranceCybersecurity Directives ComplianceRisk Management FrameworkSupply Chain Risk ManagementTechnical DocumentationSoft Skills

Required

Must have at least an active top-secret clearance

Master's or Doctoral Degree in a related field and a minimum of ten (10) years of experience in the respective technical / professional discipline being performed, at least five (5) of which must be in the DoD

OR, Bachelor's Degree in a related field and a minimum of twelve (12) years of experience in the respective technical/professional discipline being performed, five (5) of which must be in the DoD

OR, a minimum of fifteen (15) years of directly related experience with proper certifications as described in the PWS labor category performance requirements, eight (8) of which must be in the DoD

Specialized Experience: In addition to PWS Paragraph 3.1.1. and 3.3.1, recommend computer engineer, electrical engineer or computer science ABET accredited degrees or BS in information assurance or information systems

Recommend a minimum of ten years of systems engineering, systems security engineering, or IA experience

Required to possess and maintain a current Certified Information System Security Professional (CISSP) certification

Recommend expertise in state of a system where it is performing its intended functions without being degraded or impaired by changes or disruptions in its internal or external environments (systems integrity) and IA

Benefits

Health Care Plan (Medical, Dental & Vision)

Retirement Plan (401k, IRA)

Life Insurance (Basic, Voluntary & AD&D)

Paid Time Off (Vacation, Sick & Public Holidays)

Family Leave (Maternity, Paternity)

Short Term & Long Term Disability

Training & Development

Company

Credence

Credence provides innovative technology, health, engineering, and management solutions to support mission-critical programs for Federal government customers.

Founded in 2005

Vienna, Virginia, USA

1001-5000 employees