|Published||November 27, 2022|
Oasis Systems has an exciting opportunity for a Cybersecurity Assessor. Within the AFLCMC/HI Business and Enterprise Systems Directorate (BES), the Cyber Domain provides cyber support to Air Force users to empower the acquisition, operation, sustainment, and security of warfighting systems. The activities involve ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.
LOCATION: Wright-Patterson AFB
JOB STATUS: Full-time
TRAVEL: Less than 10%
REQUIRED QUALIFICATIONS(Education, Certifications, Experience, Skills)
The successful candidate shall possess the advanced knowledge, experience, and recognized ability to be considered an expert in their technical/professional field, possess the ability to perform tasks and oversee the efforts of junior and mid-level personnel within the technical/professional discipline. Will demonstrate advanced knowledge of their technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures, and practices in their area of expertise.
Minimum 5 - 10 years information Technology experience implementing/configuring cybersecurity mechanisms /technologies
Expertise and support in implementing cybersecurity technologies (formally Information Assurance (IA))
Experience within Federal Government in support of cybersecurity practices for Business Enterprise System
Knowledge and experience working with eMASS
Experience with implementing Risk Management Framework (RMF)
Must have experience with NIST SP 800-53 security controls and the understanding of control implementations
Must be willing to learn and use cybersecurity testing tools
SECURITY CLEARANCE: Secret (Required) and U.S. Citizenship is required for all applicants
Bachelor of Science (B.S.) degree in Cybersecurity, Engineering, Information Systems, Information Security, Computer Science, or related technical discipline is required
At a minimum, the successful candidate will meet the requirements for and maintain an IAT or IAM Level III Cybersecurity certification by possessing at least one of the following certifications as directed by DoD 8140 and outlined in DoD 8570.01 -M, Appendix3, Table 2,2 AFMAN 17-1303:
CISSP (or Associate)
EXPERIENCE LEVEL: Level III (Senior)
The following skills are highly desirable but not required for this position:
Working knowledge of the Agile Development methodology
Experience using any, or all, of the following tools (Desired):
o Burpsuite Professional
o HCL AppScan
o Trustwave AppDetectivePro
The AFLCMC/HIZ Security Control Assessor Representative (SCAR) is responsible for assessing application and software cybersecurity (confidentiality, integrity, and availability) readiness by performing individual internal assessments as part of the Risk Management Framework. The SCAR candidate must have specific knowledge of application, system, and network security, technologies, processes, and practices designed for prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communication services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and non-repudiation.
The successful candidate will perform work that applies a broad theoretical and practical knowledge of Cybersecurity. The functions required to be performed by individuals in this specialty may include:
Evaluates IT infrastructure in terms of risk to the organization and establishes controls to mitigate loss.
Documents business processes within process narratives or flowcharts, identifying risks and mitigating controls.
Develops risk and control matrices and test plans for key controls.
Identifies control gaps and tests the design of existing controls.
Formulates clear and concise conclusions on internal controls and business process and efficiencies.
Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and AF policies (i.e., Risk Management Framework (RMF)
Recommending policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data
Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs
Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals
Recommending systems security contingency plans and disaster recovery procedures
Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures
Participating in network and systems design to ensure implementation of appropriate systems security policies
Facilitating the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes
Assessing security events to determine impact and implementing corrective actions
Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.
Who We Are
Oasis Systems is a premier provider of customer-driven, cost-effective, and quality Engineering Services; Enterprise Systems and Applications; Human Factors Engineering; Information Technology and Cyber Security; Professional Services; and Specialized Engineering Solutions to the Department of Defense, Federal Aviation Administration, Nuclear Regulatory Commission, and other Federal Agencies.
We strive to be an exciting and welcoming company that attracts, develops, motivates and retains the most talented, skilled and dedicated people in the industry; where they are encouraged to achieve personal excellence, purpose, and their full potential and career aspirations, while supporting mission-critical national security technologies and programs.
Oasis Systems is an equal opportunity employer and does not discriminate in hiring or employment on the basis of any legally protected characteristic including, but not limited to, race, color, religion, national origin, marital status, gender, sexual orientation, ancestry, age, medical condition, military veteran status or on the basis of physical handicap which, with reasonable accommodation, render the application to satisfactorily perform the job available
Job LocationsUS-OH-Dayton / Wright-Patterson AFB
Requisition Number 2022-12996
Posted Date 3 weeks ago (10/31/2022 1:15 PM)