Cybersecurity Engineer Journeyman

Odyssey Systems has an exciting opportunity for a Cybersecurity Engineer Journeyman providing support to the Command, Control, Communications, and Battle Management Division (C3BM).

Command, Control, Communications, and Battle Management (C3BM) has been tasked with delivering an integrated Department of the Air Force (DAF) Battle Network providing resilient decision advantage and enabling the USAF, USSF, Joint, and Coalition Force to win against the pacing challenge. C3BM supports execution in many different focus areas. C3BM's main efforts are Architecture and Systems Engineering (ASE), Operational Response Team (ORT), and multiple mission integration teams such as Air, Maritime and multiple acquisitions consisting of both the Advanced Battle Management System (ABMS) and Space.

The Security Manager will provide support to perform administrative security functions under the direction of the activity security manager without regard for job series or title or for rank, rate, or grade if they have the clearance required for the access needed to perform their assigned duties and tasks.

The Security Manager will assist the AF Cognizant Security Authority (CSA) in oversight of national security objectives supporting AF interests.

The Security Manager will provide day-to-day support for collateral and/or, as specifically directed, Sensitive Compartmented Information (SCI) activities. This will be accomplished through active and integrated security operations, processes, mechanisms and performed under the direction of Government security administrator.

The Security Manager will provide multi-disciplinary security support, including aspects of information security, personnel security, operations security, industrial security, communications security, acquisition security, general security, physical security, and anti-terrorism/force protection duties, while also being responsive and flexible to dynamic security situations.

The Security Manager will perform analytical, planning, advisory, operational, or evaluative work that has as its principal purpose the development and implementation of policies, procedures, standards, training, and methods for identifying and protecting information, personnel, property, facilities, operations, or material from unauthorized disclosure, misuse, theft, assault, vandalism, espionage, sabotage, or loss.

This is a full-time position located at Hanscom Air Force Base in Bedford, Massachusetts.

Duties include, but not limited to:

Identify and evaluate opportunities to apply innovative and emerging technologies, automate processes, continually improve the conduct and efficiency of audit activities and enterprise audit compliance of systems and infrastructure, and identify metrics for monitoring improvements. Develop/update and maintain system-specific audit review dashboards and reporting mechanisms to show compliance across enterprise. Review data and prepare ACAS reports for SPO Leadership to include pre/post VVA reports, GCCS-J STRATCOM reports, etc. Generate Third Party Applications/Systems vulnerability reports and provide to team for resolution with COTs/GOTs owners.

Assist with creation of ACAS TTPs, SOPs, and capture of lessons learned to improve performance, efficiency, and effectiveness of Cybersecurity personnel using the ACAS for the AOC WS Enterprise.

Daily center reporting - verifying security compliance with IAVA's and DISA STIGS. Daily central server maintenance - check logs, syncs, job queues, CSU dashboards, validate scans are credentialed and ACAS scanners and Security Center are operational and reporting properly for AOC sites.

Gathering, and reporting of AOC WS Software and Hardware information for EDS/CM team on a monthly or when requested.

Ensure AOC WS 10.1 baseline aligns with OPORDS and Cyber Tasking Orders. Review ARE/FT ACAS documentation and redline as necessary. Support the research and analysis of DoD and AF policies and tasking orders to mitigate implementation problems that may impact the AOC WS 10.1 ACAS implementation.

• Provide subject matter expertise (SME) on ACAS (Assured Compliance Assessment Solution) systems and related processes.
• Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations' visions and goals.
• Assist in the design, implementation, configuration, and maintenance of ACAS tools and applications for the KR enterprise.
• Standardize ACAS reporting and provide oversight to internal and external leadership, 20+ sites (CONUS and OCONUS), and ACAS cyber team members.
• Review and approve reports and metrics related to ACAS scans and vulnerability management efforts before released to KR leadership.
• Analyze security vulnerabilities identified by ACAS scans and provide oversite and recommendations for remediation.
• Collaborate with ACAS teams to ensure proper integration and utilization of ACAS tools within KR.
• Stay updated on industry best practices and emerging trends related to ACAS and cybersecurity.
• Support training efforts for staff members on the use of ACAS tools and interpretation of scan results for KR.
• Develop scripting to work with the ACAS applications to reduce manual assessment of compliance reporting.
• Update and maintain the KR ACAS (Nessus scanners and Security Centers) system at Hanscom AFB, including planning, delivery, installation, security hardening, configuration, integration, and testing.
• Administering Red Hat Enterprise Linux, including:
• Building, patching, and configuring RHEL systems (RHEL 7/8) to meet STIG requirements.
• Configuring DNS, NTP, and network settings to support ACAS installation.
• Performing backups and restores of system OS and installed software.
• Provide SME level support to define, analyze, implement, secure, test, and deploy new requirements and enhancements for network monitoring, vulnerability identification, remediation, and security compliance IAW current OPORDS.
• Assist with automation and implementation of periodic vulnerability reporting from ACAS to internal and external KR organizations.
• Review of discovery scan results to identify systems not being vulnerability scanned and automated reporting.
• Review of vulnerability scan results to identify, troubleshoot, and resolve credential and other common scan issues, and automated reporting.
• Review and compilation of scan results to support asset inventory requirements and automation.
• Assessment of scan results to identify areas where vulnerability remediation has the greatest impact on risk and automated reporting.
• Configuration of ACAS components to align with DISA Best Practice Guidance.
• Troubleshooting and resolution of communication issues between ACAS software components, failed plugin updates, and other common software issues with the Hansom ACAS Servers.

Citizenship: Must be a US citizen

Minimum Required Qualifications

Clearance: Must have and be able to maintain an Active Top Secret clearance

Preferred Qualifications

Education: Bachelor's degree in a professional engineering discipline and at least 7 years of experience in the respective technical/professional discipline, 3 of which must be in the DoD.

Certifications: Security +

Additional Information

Location: Hanscom Air Force Base in Bedford, Massachusetts

Onsite

#LI-KM1

Odyssey Systems Consulting Group, is an innovative small business committed to providing world-class technical, management, and training support services to government and public sector clients. We focus on people, processes, and performance to deliver superior results. Since our inception in 1997, our commitment to mission success and customer satisfaction has been recognized with exponential growth and exceptional past performance ratings. We accept challenging assignments and drive projects from the planning stages, through implementation, and into operations and support.

Please note: Final compensation for this position will be determined by various factors such as the Federal Government contract labor categories and contract wage rates, relevant work experience, specific skills and competencies, geographic location, education, and certifications.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities