We have an exciting opportunity to join us in supporting one of our valued customers as aCybersecurity Engineer 3 to work out of Dayton, OH. Within the AFLCMC/GB Business and Enterprise Systems Directorate (BES), the Commanders Resource Integration System (CRIS) is a read-only, multi-tier, relational data warehouse providing visibility into financial transactions across all echelons of the AF. The CRIS warehouse offers data from multiple legacy systems: Budget, Accounting, Supply, Fuels, Flying Hours, Civilian Pay and Personnel. CRIS reduces the user’s data collection efforts, allowing more time to be spent on decision support. Approximately 8,000 users access data in the CRIS warehouse through the business intelligence tool or web application. The mission of CRIS is to deliver reliable, accurate and timely AF data and information for decision support. CRIS has been designated the Authoritative Data Source (ADS) for the AF for all appropriated funds. Essential Duties: The primary function of the Cybersecurity Engineer 3 will be to develop and implement advanced cyber defense solutions and changes for organizations, safeguards the corporate infrastructure from infiltrations or exfiltration, and assures that the system is built to specification and is deployed successfully. Designs, maintains, and operates highly complex and high secure communications network environments. Performs in-depth network security analysis, and conducts preliminary incident response, event analysis, and threat intelligence. Reviews security events that could be a detriment to the organization’s overall security stance. The successful candidate will perform work that applies a broad theoretical and practical knowledge of Cybersecurity. The functions required to be performed by individuals in this specialty may include: * Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and AF policies (i.e., Risk Management Framework (RMF)
* Recommending policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data
* Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs
* Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals
* Conducting systems security evaluations, audits, and reviews
* Recommending systems security contingency plans and disaster recovery procedures
* Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures
* Participating in network and systems design to ensure implementation of appropriate systems security policies
* Facilitating the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes
* Assessing security events to determine impact and implementing corrective actions
* Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.
* Perform the Information System Security Manager (ISSM) duties as outlined in DoDI 8510.01 for assigned systems/applications.
Required Qualifications: The successful candidate shall possess the advanced knowledge, experience and recognized ability to be considered an expert in their technical/professional field, possess the ability to perform tasks and oversee the efforts of junior and mid-level personnel within the technical/professional discipline. Will demonstrate advanced knowledge of their technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures and practices in their area of expertise. * Extensive knowledge and proficiency with the Risk Management Framework (RMF)
* Expert knowledge and proficiency with Cybersecurity best practices
* Expert knowledge and understanding of Federal and DoD Cybersecurity regulations and policies
* General working knowledge of DoD Acquisition policy, specifically DoDI 5000.75
* Experience with the implementation of new IT/Business System technologies to include but not limited to Cloud Infrastructure and Enterprise Resource and Planning (ERP) systems
Preferred Qualifications: The following skills are highly desirable but not required for this position: * Working knowledge of the Agile Development methodology
* Experience using any, or all, of the following tools (Desired):
* CheckMarx
* SonarQube
* Jira
* Confluence
* Mavin
* Jenkins
* Bitbucket
Education/ Certification: * Advanced Degree (MA/MS) in Computer Science, Information Technology or other Engineering Discipline and12 years of experience, 5 of which must be in the DoD, or
* BA/BS Degree in Computer Science, Information Technology or other Engineering Discipline and 15 years of experience in the respective technical/professional discipline being performed, 5 of which must be in the DoD, or,
* 20 years of directly related experience with proper certifications, 8 of which must be in the DoD.
* At a minimum, the successful candidate will meet the requirements for and maintain an IAM Level III Cybersecurity certification by possessing at least one of the following certificationsas directed by DoD 8140 and outlined in DoD 8570.01 -M, Appendix3, Table 2,2 AFMAN 17-1303:
* ISACA CISM
* (ISC)2CISSP
* GIAC GSLC
* EC Council CCISO
* Certified SCRUM Master -Desired
* Other Agile Certifications - Desired
Required Clearance: Secret Travel:10% USfalcon has grown from our roots in 1984 to become a mid-tier professional services company supporting a diverse and global customer base of DoD and Federal Agencies. We have been excelling in diverse platforms for almost 30 years and continue to be an industry leader. If you thrive in an organization that values integrity, commitment, stewardship, and service, we want to meet you. We deliver core capabilities in Aviation, Space, Information Technology, and Business Operations and continue to grow and expand our competencies, contracts and customer base, adding to our long history of supporting customer and community needs. Learn more at www.usfalcon.com/history. All USfalcon employees are required to show proof of vaccination status at time of hire to ensure compliance with EO14042, Ensuring Adequate COVID Safety Protocols for Federal Contractors (effective December 8, 2021).