Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. As we enter our 50th year in business, we are known for continuous innovation for government customers, both long-established and newly acquired, as our capabilities expand around the globe. Our work is state-of-the-art and made possible only through the best personnel, tools, and jobs in the national security business. We are highly collaborative in spirit and practice, and we freely share expertise across SPA in our quest for enduring solutions to critical concerns. Come work with the best!
This is an exciting opportunity to support the United States Space Force (USSF). The Air Force (AF) Program Executive Office for Space (AFPEO/SP) at the Space Systems Command (SSC) has the collective AF mission responsibility for the development, deployment, maintenance and sustainment of AF space systems providing early missile warning capability; environmental sensing; precision navigation, guidance and timing; nuclear event detection; space launch capability; national and military satellite communications capabilities; launch range and network systems; advanced systems; and technology development programs.
SPA has an immediate or near term need for a Cybersecurity Engineer.
This position ensures that the information security requirements necessary to protect the core mission and business process are adequately addressed in all aspects of the enterprise architecture, to include reference documentation and system architectures. Functions as a Subject Matter Expert (SME) on each system architecture and design. Review technical documentation in support of analysis, system design, development testing, and deployment of security systems. Provide information assurance assessment and recommendations concerning safeguarding of IS through risk analysis, vulnerability assessment, and compliance with NIST SP 800.53. Interact with military, Government civilians, and contractor staff at all levels to support the A&A efforts of each mission/system. Provide input on assigned enclaves as relates to how proposed modifications, additions, and technology upgrades would impact the overall security posture of the system.
- Ensure that Cybersecurity requirements are effectively integrated into Information Systems and components through purposeful security architecting, design, development, and configuration
- Employ best practices when implementing security controls within an Information System
- Provide assessment and technical inputs to any system changes for all associated system enclaves
- Perform FISMA required risk assessment of policies, procedures, supplemental plans addressing network, facilities and system security, security awareness training, testing and evaluation of security controls, incident response plan, and continuity of operations plans
- Evaluate the requests for compliance and integration with all applicable cybersecurity policies, Notice to Airmen (NOTAMs), and Technical Change Orders (TCOs)
- Create/maintain a Government owned Cyber Schedule that captures all mission cybersecurity activities and actions. The schedule needs to be capable of showing a high-level view of all project/activity milestones, accomplishments, and discrete tasks including Authorization and Assessment activities for RMF packages, cyber assessments, and O&M Mods or depot sustainment cases that improve the systems cybersecurity posture
- Provide IS and compliance documentation to include but not limited to:
- Categorize ISs IAW Committee on National Security Systems Instruction (CNSSI) 1253
- Initiate the security plan, register system with DoD Information Technology Investment Portfolio System (ITIPS) and Enterprise Mission Assurance Support System (eMASS) and select security controls for all computer enclaves IAW National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53
- Identify common controls; develop monitoring strategy, and plan, review, and obtain approval IAW NIST SP 800-53 and CNSSI 1253
- Implement and document control solutions consistent with DoD cybersecurity architectures IAW NIST SP 800-160 and NIST SP 800-18
- Prepare the Plan of Action and Milestone (POA&M) and submit security authorization packages, to include all required artifacts to Authorizing Official (AO)
- Provide RMF training/education for program managers and integrated product team leads.
Qualifications Required Qualifications:
- Bachelor's degree with 6+ years of experience including 3+ years of experience in performing IAT level II or IAM level II functions
- Experience with DoD RMF functions and Processes and/or DISA IASE
- IAT or IAM Level 2 Certification per DoD 8570.01M
- Active DoD Secret Clearance
- Experience with XACTA, FISMA, eMASS and/or ITIPS
- Masters degree
- TS/SCI Clearance