Apply on Employer Site

Torch Technologies, Inc. · 10 hours ago

Principal Cybersecurity Engineer

Hanscom AFB, MA

Full-time

Onsite

Lead/Staff

$160K/yr - $180K/yr

15+ years exp

Torch Technologies is a 100% employee-owned company providing engineering services to the Federal Government. They are seeking a Principal Cybersecurity Engineer to support the Air Force Life Cycle Management Center, focusing on various cybersecurity tasks and ensuring system security compliance.

National DefenseAerospaceElectronicsSoftwareAutomotiveRoboticsInformation TechnologyComputerNational Security

Comp. & Benefits

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Assist with development of System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, Computer Certification and Accreditation, Security Vulnerability and Countermeasures Analyses, Security Concepts of Operations, and other system security engineering-related documents identified in MIL-STD 1785, DoWI 5000.02, Operation of the Adaptive Acquisition Framework, and DoWI 8510.01

Support the system/application Authorization and Accreditation (A&A) effort to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoW and Air Force policies (i.e., Risk Management Framework (RMF)

Update, monitor, and manage information in systems for the program office

Process and manage system user account requests and process tools

Process and manage system port/protocol and access control list requirements

Process and manage system Public Key Infrastructure (PKI) identification and authorization requirements

Manage the distribution, implementation, remediation, and tracking of system security updates and configurations as required by the DoW

Recommend policies and procedure to ensure information systems reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and data

Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risk, and protection needs

Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations’ vision and goals

Conduct systems security evaluations, audits and reviews

Recommend systems security contingency plans and disaster recovery procedures

Recommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures

Participate in network and systems design to ensure implementation of appropriate systems security policies

Recommend initial, or updates to, software and configurations to new or existing system security mechanisms

Obtain waivers to mandated security mechanisms/policies which would be detrimental to system performance and impact the system’s mission

Facilitate the gathering, analysis and preservation of evidence used in the prosecution of computer

Provide leadership assistance in the analysis of the design, development, integration, implementation and testing of cybersecurity requirements

Develop risk-based strategies to address identified gaps

Review, analyze, and assess implementations of cybersecurity (i.e RMF security controls) throughout the open systems architecture and associated services, derived requirements specifications, design documents & design implementation

Collaborate with stakeholders (Government and commercial) to ensure the system is approved by all Authorizing Officials via the RMF A&A process

Provide technical advice in the area of systems security across all systems and supports

Develop recommendations for the Government regarding how well designs satisfy current requirements and business goals

Maintain databases that reflect receipt, storage, inventory, and disposition of classified information to include data entry, updates, and generation of reports

Support Government program office in audits of Government classified holdings to ensure proper accountability

Maintain databases of classified visits and clearance levels

Perform inspection, inventory, logging, storage, documentation, transmittal and internal distribution of classified information received

Evaluate Contractor classified data submittals for compliance with the appropriate System Security Classification Guide (SSCG)

Provide security inspection and protection to areas where classified information is being stored, and develop and establish security procedures and policies IAW DOW, USAF, AFMC, and local directives

Develop training and provide security awareness and other security education programs

Review and verify personnel qualifications for access to special access programs

Develop, implement and maintain a communications security program

Assess program disclosure issues and provide FMS case management support

Assist and advise FMS program office management and leadership in interfacing with FMS customers and all USG organizations, including but not limited to SAF/IA, Air Force Security Assistance Center (AFSAC), Air Force Security Assistance Training (AFSAT) squadron, Defense Finance and Accounting Services (DFAS)

Support execution of all aspects of acquisition program security throughout a program’s lifecycle

Assist with development of sound security practices and policies regarding acquisition, physical, personnel and documentation security

Update security classification guides

Prepare acquisition security related sections of acquisition program documentation

Review Contractor deliverables to ensure compliance with CDRLs

Plan and implement security-related surveys, assessments, and studies

Evaluate program security information and hardware throughout the program life cycle, to include studies, analyses, plans, procedures, production, test plans/results, transportation, technology, and storage of end items

Provide security support to source selections

Qualification

Risk Management Framework (RMF)CISSP CertificationVulnerability ManagementTenable NessusNetwork SecurityCloud Service ModelsEndpoint SecurityCross Domain SolutionsSupply Chain SecurityNSA Type 1 encryptionDoW Policies for ProceduresDoW Impact LevelsSTIGs

Required

U.S. Citizenship

BS/BA Degree and 15 years of experience in the respective technical/professional discipline being performed, 10 of which must be in the DoW

Risk Management Framework (RMF), with emphasis on taking projects from Step 1 to Step 5

Vulnerability Management, Tenable Nessus (ACAS-DoW version of Nessus)

STIGs

CISSP Certification

Must have and maintain a Top-Secret clearance

Preferred

Experience with Cross Domain Solutions and USAF CDS-E

Cloud Service Models

Supply Chain Security

NIAP

DoW Policies for Procedures for Cybersecurity

Network Security

Endpoint

DoW Impact Levels

NSA Type 1 encryption

Working with a CSSP - 16th AF

Benefits

ESOP participation

401(k) match and safe-harbor contribution

Medical

Dental

Vision

Life insurance

Short-term disability

Long-term disability

Flexible spending accounts

Health Saving Accounts and Health Reimbursement Accounts

EAP

Education assistance

Paid time off

Holidays

Company

Torch Technologies, Inc.

Founded in October 2002, Torch is a 100% employee-owned business headquartered in Huntsville, Alabama.

Founded in 2002

Huntsville, Alabama, USA

501-1000 employees

https://www.torchtechnologies.com

Funding

Current Stage

Late Stage

Total Funding

$15.16M

2012-02-09Seed· $3.01M

2011-12-31Debt Financing· $12.15M

Leadership Team

Bill Roark

Co-Founder

Darryl Trousdale

Senior Manager Torch Advanced VIZLAB | Co-Founder SIMVANA VR Anesthesia

Recent News

MarketScreener

BWXT Delivers Full Core of TRISO Nuclear Fuel for Project Pele Microreactor

2025-12-02

Birmingham Business Journal

Alabama city ranks near top for Southern tech hubs

2025-01-08

Huntsville Company Named In Top 100 Employee Owned Businesses For 2023

2024-03-07

Company data provided by crunchbase