KIHOMAC · 6 hours ago
Principal Cybersecurity Engineer
Hanscom AFB, MA
Full-time
Onsite
Lead/Staff
15+ years expKIHOMAC is a company focused on cybersecurity solutions, and they are seeking a Principal Cybersecurity Engineer. This role involves developing and managing security plans, conducting risk assessments, and ensuring compliance with DoD policies while providing technical advice on systems security across all systems.
AerospaceIndustrialManufacturing
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Develop System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, Computer Certification and Accreditation, Security Vulnerability and Countermeasures Analyses, Security Concepts of Operations, and other system security engineering-related documents identified in MIL-STD 1785, DoDI 5000.02, Operation of the Adaptive Acquisition Framework, and DoDI 8510.01
Support system and application Authorization and Accreditation (A&A) effort to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF)
Update, monitor, and manage information in systems for the program office
Process and manage user account requests, access controls, port/protocol requirements, access control lists, and Public Key Infrastructure (PKI) identification and authorization
Manage the distribution, implementation, remediation, and tracking of system security updates and configurations as required by the DoD
Recommend policies and procedures to ensure information systems reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and data
Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risk, and protection needs
Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations' vision and goals
Conduct systems security evaluations, audits and reviews
Recommend systems security contingency plans and disaster recovery procedures
Recommend and implement programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures
Participate in network and systems design to ensure implementation of appropriate systems security policies
Recommend initial, or updates to, software and configurations to new or existing system security mechanisms
Obtain waivers to mandated security mechanisms/policies which would be detrimental to system performance and impact the system's mission
Facilitate the collection, analysis and preservation of evidence used in the prosecution of computer crimes
Provide leadership assistance in the analysis of the design, development, integration, implementation and testing of cybersecurity requirements
Develop risk-based strategies to address identified gaps
Review, analyze, and assess implementations of cybersecurity (i.e. RMF security controls) throughout the open systems architecture and associated services, derived requirements specifications, design documents & design implementation
Collaborate with Government and commercial stakeholders to obtain system authorization approvals from Authorizing Officials throughout the RMF A&A process
Provide technical advice in the area of systems security across all systems and supports
Develop recommendations for the Government regarding how well designs satisfy current requirements and business goals
Maintain databases that reflect receipt, storage, inventory, and disposition of classified information to include data entry, updates, and generation of reports
Support Government program office in audits of Government classified holdings to ensure proper accountability
Maintain databases of classified visits and clearance levels
Perform inspection, inventory, logging, storage, documentation, transmittal and internal distribution of classified information received
Evaluate Contractor classified data submittals for compliance with the appropriate System Security Classification Guide (SSCG)
Provide security inspection and protection to areas where classified information is being stored, and develop and establish security procedures and policies IAW DOD, USAF, AFMC, and local directives
Develop training and provide security awareness and other security education programs
Review and verify personnel qualifications for access to special access programs
Develop, implement and maintain a communications security program
Assess program disclosure issues and provide FMS case management support
Advise FMS program office management and leadership in interfacing with FMS customers and all USG organizations, including but not limited to SAF/IA, Air Force Security Assistance Center (AFSAC), Air Force Security Assistance Training (AFSAT) squadron, Defense Finance and Accounting Services (DFAS)
Support execution of all aspects of acquisition program security throughout a program's lifecycle
Develop and support the implementation of security practices and policies related to acquisition, physical, personnel, and documentation security
Update security classification guides
Prepare acquisition security related sections of acquisition program documentation
Review Contractor deliverables to ensure compliance with CDRLs
Plan and implement security-related surveys, assessments, and studies
Evaluate program security information and hardware throughout the program life cycle, to include studies, analyses, plans, procedures, production, test plans/results, transportation, technology, and storage of end items
Provide security support to source selections
Other duties as assigned
Qualification
Required
Bachelor's degree required
CISSP Certification required
15+ years of general work experience
10+ years of experience in a DOD setting
Risk Management Framework (RMF), with emphasis on taking projects from Step 1 to Step 5
Vulnerability Management, Tenable Nessus (ACAS-DoD version of Nessus)
STIGs
Experience with Cross Domain Solutions and USAF CDS-E
Cloud Service Models
Supply Chain Security
NIAP
DoD Policies for Procedures for Cybersecurity
Network Security
Endpoint
DoD Impact Levels
NSA Type 1 encryption
Working with a CSSP - 16th AF
Must be a US citizen
Must have an active TS clearance
Able to occasionally reach with hands and arms
Prolonged periods of computer screen use, while sitting or standing at a desk
Adhere to safety protocols when in work areas requiring use of PPE (e.g. eyewear, gloves, masks, hearing protection, steel toed shoes, etc.)
Able to safely lift and carry up to 20 pounds at a time
Benefits
Health Care Plan (Medical, Dental & Vision)
Retirement Plan (401k, IRA)
Life Insurance (Basic, Voluntary & AD&D)
Paid Time Off (Vacation, Sick & Public Holidays)
Short Term & Long Term Disability
Training & Development
Wellness Resources
Company
KIHOMAC
KIHOMAC is an aerospace and defense technology company.
201-500 employees
Funding
Current Stage
Growth StageTotal Funding
unknownKey Investors
Deloitte
2025-10-31Corporate Round
Leadership Team
Adam Grimm
Chief Information Officer
Curtis Brad Goodwin
Chief Growth Officer
Recent News
Washington Technology
2025-11-08
Morningstar.com
2025-11-01
2024-04-25
Company data provided by crunchbase