Overview VTG is seeking a Senior Information Systems and Cybersecurity Analyst to support our customer at Wright-Patterson Air Force Base (WPAFB), OH. The Senior Information Systems and Cybersecurity Analyst will assist in ensuring implementation of DoD, USAF and MAJCOM policies and update local processes and procedures necessary to support day-to-day operations. This is an onsite role. What will you do? * Assist the USG to organize, coordinate, identify, and satisfy the IA/ Cybersecurity requirements consistent with DoD policies, standards, and system architectures. * Assist in formulating architectural design, functional specifications, interfaces and documentation of hardware or software systems. * Utilize the RMF to support Authorization and Accreditation (A&A) of assigned systems. * Assist in the monitoring of systems throughout the lifecycle management process from concept to decommission. * Provide assistance in developing, modifying, reviewing, and coordinating IT Categorization Determination packages, Information Assurance Strategies (IASs), Information Assurance Plans (IAPs), PPPs, SSPs, Information Assurance Assessments, System Assessments, Interconnection Security Agreements (ISAs), Verification and Validation testing, Development and Design, requirements identification, Baseline Control selection, Applicability Assessments, Mitigation Strategies, Milestone Requirements Assessments, Configuration Management reviews, Continuous Monitoring, IA Liaison functions between the Developer, User Community and Program Management, leading the IA Integrated Process Team (IAIPT). * Assist with the evaluation of technical implementations of security designs to ensure that security software, hardware, and firmware features affecting confidentiality, integrity, availability, accountability, and non-repudiation have been implemented as documented in the JSIG (current version)/NIST 800-53 or while meeting the IA/Cybersecurity requirements of DoD Instruction 8500.01, Cybersecurity, DoD Instruction 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT), DoD Instruction 5200.39, and Air Force Instruction (AFI) 33-210, Air Force Certification and Accreditation (C&A) Program (AFCAP), as well as DCID 6/3, and JSIG requirements. Systems and Applications * Have a working knowledge of telecommunications concepts and principles, operating modes, systems, media, equipment, equipment configuration, and related software systems, processes and procedures to assess and advise on vulnerability to attack from a variety of sources (e.g., espionage, disruption of services, destructive programs/applications) and procedures and methods for protection of systems and applications. * Apply understanding of computer science principles, information management principles, automated data processing (ADP) functions and plans, hardware and software systems' structures and operation, and computer programming languages and techniques to assist in the resolution of automation problems. * Use standard or conventional approaches, methods and techniques to assist in defining, planning, organizing, designing, developing, modifying, testing and integrating database or data processing systems, computer hardware systems and simulation models. Information Assurance/Cybersecurity * Assist in the modification of the Acquisition IA/ Cybersecurity Strategy for external systems. * Assist the USG to organize, coordinate, identify, and satisfy the IA/Cybersecurity requirements consistent with DoD policies, standards, and system architectures. * Have knowledge of computer science principles, information management principles, Automated Data Processing (ADP) functions and plans, hardware and software systems' structures and operation, and computer programming languages and techniques to assist in the resolution of automation problems. * Assist with monitoring information system activities to ensure system integrity; establishing reaction and maintenance control for the facility; and assist in performing system access or revocation tasks. * Report system security incidents, classified message incidents, vulnerabilities, and virus attacks IAW AFSSI 5021. * Provide assistance in developing, modifying, reviewing, and coordinating system PIT determination packages, IASs, IAPs, SSPs, Information Assurance Assessments, System Assessments, ISAs, Verification and Validation testing, Development and Design, requirements identification, Baseline Control selection, Applicability Assessments, Mitigation Strategies, Milestone Requirements Assessments, Configuration Management reviews, Continuous Monitoring, IA Liaison functions between the Developer, Simulators Division, User Community and Program Management. Program Security * Provide program protection and system security input for SOOs, PWSs, RFPs, and CDRLs. * Assist in the integration of US export and technology control laws, DoD/Air Force policy and instructions, and other applicable guidance into program protection planning. * Recommend changes to DoD, Air Force and program security policy and instructions. * Assist with developing and maintaining time-phased, event-driven SCGs& PSDs. * Assist with monitoring and reviewing trade studies designed to balance program security risks with costs to the program. * Assist with designing cost-effective approaches for integrating security requirements into weapon system contracts. Critical Information * Assist in the evaluation of security and administrative procedures associated with handling unclassified Critical Program Information/Critical Information (CPI/CI) and classified material. Classified Information * Assist in conducting analyses of procedures regarding the handling, controlling, storage and disposition of classified or critical weapon system hardware. * Assist in producing reports on the results of the analyses, including recommended actions, in either electronic or written form. Cybersecurity SME * Designated DoD 8570 - IAM II compliant (No waivers). * Demonstrate an advanced understanding of the Risk Management Framework (RMF) and shall apply it within the context of training simulations mission objectives. * Identify and recommend potential areas where existing data security policies and procedures may require change, or where a supplement is required to- mitigate key security risks. * Assist in implementing the JSIG or ICD 503 (a.k.a. Risk Management Framework) requirements to include technical computer/network system auditing. * Ensure communication to the ISSMs and Simulators Program Office Cyber leadership and the Program Managers during the lifecycle of the Authorization to Operate (ATO) period; especially if a time arises when the ATO is in jeopardy of not being granted. * Possess knowledge and experience in providing oversight and execution of the Assessment & Authorization processes (a.k.a. Certification & Accreditation) to assist with ensuring the ISSMs clearly understand their duties and mentor them to satisfactorily accomplish those duties. Do you have what it takes? Minimum Requirements: * Ability to perform on high-visibility or mission critical aspects of a given program and perform all functional duties independently. * Oversee the efforts of less senior staff and/or be responsible for the efforts of all contracted staff assigned to a specific job. * Certification to IAM level II as defined in AFM 33-285 and DoD 8570.01; and a bachelor's degree in a Science, Technology, Engineering, Math, Cybersecurity, or Computer Science field of study and more than 10 years of experience specifically in cybersecurity or information assurance; or * Associate degree in a Science, Technology, Engineering, Math, Cybersecurity, or Computer Science field of study and more than 16 years of experience specifically in cybersecurity or information assurance. Travel: T ravel 15% Clearance: Active Top Secret, SCI, SAP Security Clearance