CybersecurityJobs.io
← Back to all jobs
Torch Technologies

Cybersecurity, Senior (ISSM)

Torch Technologies
Kettering, OH Full time Posted 1d ago
Cybersecurity Tools Data Security Emass Enterprise Risk Identity and Access Management Identity and Access Management Information Security Information Technology (IT) IT Services Risk Governance Risk Management Security Security Automation Security Compliance Strategic Planning
Apply Now

Job Description

The role is a Senior Cybersecurity Engineer (ISSM) supporting Torch Technologies' EPASS GB CRIS program, onsite in Kettering, Ohio. The position emphasizes RMF, CSF, and NIST-aligned cybersecurity risk management, continuous monitoring, authorization actions, and training/documentation activities.

Responsibilities

  • Provide cybersecurity support to the PMO and Capability Development Manager (CDM) in accordance with DoDI 8500.01.
  • Assess and continuously monitor cybersecurity risk to ensure that both legacy and new capabilities comply with enterprise standards such as RMF, CSF, and NIST, aligned with the Authorization Official’s Information System Continuous Monitoring (ISCM) strategy.
  • Complete and maintain required cybersecurity certification IAW AFMAN 17-1303.
  • Ensure all AF IT cybersecurity-related documentation is current and accessible to properly authorized personnel.
  • Assist the PM or ISO in maintaining current authorization to operate, approval to connect (if required), and implementing corrective actions identified in the plan of actions and milestones (POA&M).
  • Coordinate, with the PM and AO staffs, development of an ISCM strategy and monitor proposed or actual changes to the system and its environment.
  • Continuously monitor the IT environment for security-relevant events.
  • Assess proposed configuration changes for potential impact to the cybersecurity posture.
  • Assess the quality of security controls implementation against defined performance indicators.
  • Ensure cybersecurity-related events or configuration changes that affect AF IT authorization or security posture are formally reported to the AO and other affected parties, such as IOs, stewards, and AOs of interconnected IT.
  • Ensure all ISSOs and privileged users receive necessary technical training and obtain cybersecurity certification IAW AFMAN 17-1301 and AFMAN 17-1303, maintaining proper clearances IAW DoWI 8500.01.
  • Ensure AF IT is acquired, documented, operated, used, maintained, and disposed of properly IAW DoWI 5000.02 and DoWI 8510.01.

Requirements

  • U.S. Citizenship.
  • Master’s or Doctorate degree in a related field with 10 years of experience in the respective technical/professional discipline, five years of which must be in the DoW; or
  • Bachelor’s degree with 12 years of experience in the respective technical/professional discipline, five of which must be in the DoW; or
  • 15 years of directly related experience with proper certifications as described in the PWS labor category performance requirements, eight of which must be in the DoW.
  • Knowledge, experience, and demonstrated ability to function as a highly skilled professional in their field; capable of performing tasks independently and supervising junior personnel within the technical/professional discipline.
  • Expertise in: Access control; Configuration management; System and communications protection; Contingency planning; Incident handling; System and information integrity; Security and privacy training and awareness; and software development activities related to cybersecurity.
  • Experience performing cybersecurity duties as described in DoDI 8500.01, AFI 17-130, and AFI 17-1301 for assigned AF IT.
  • Experience validating, evaluating, and analyzing finding results and developer adjudications using automated testing tools (Fortify, Checkmarx, SonarQube, AppScan).
  • Experience using DoD tracking systems to document cybersecurity deficiencies, vulnerabilities, and change requests in programs such as Jira, HP ALM, and eMASS.
  • Experience conducting information security continuous monitoring (ISCM) to maintain ongoing awareness of information security, vulnerabilities, and threats in support of organizational risk management decisions IAW the approved ISCM strategy.
  • Must hold and maintain a Secret security clearance.
  • Must meet and maintain a DCWF ISSM work role (722) personnel certification at an advanced (senior) proficiency level per DoWI 8510.01, AFMAN 17-1305 and AFI 17-101 for assigned systems/applications, including certifications such as:
    • ISACA CISM
    • United America Technologies CISSO
    • FITSI FITSP-M
    • GIAC GCIA
    • GIAC GCSA
    • GIAC GCIH
    • GIAC GSLC
    • GIAC GICSP
    • (ISC)2 CISSP-ISSMP
    • (ISC)2 CISSP

Technologies

  • Fortify
  • Checkmarx
  • SonarQube
  • AppScan
  • Jira
  • HP ALM
  • eMASS
  • Confluence
  • Mavin
  • Jenkins
  • Bitbucket

Benefits

  • ESOP participation
  • 401(k) match and safe-harbor contribution
  • Medical, dental, and vision insurance
  • Life insurance
  • Short-term and long-term disability
  • Flexible spending accounts
  • Health Savings Accounts and Health Reimbursement Accounts
  • Employee Assistance Program (EAP)
  • Education assistance
  • Paid time off and holidays

Preferred Qualifications

  • Certified SCRUM Master
  • Other Agile Certifications
  • Working knowledge of Agile Development methodology
  • CheckMarx
  • SonarQube
  • Jira
  • Confluence
  • Mavin
  • Jenkins
  • Bitbucket

Schedule

40 Hrs/week

Work Location

Kettering, OH

Travel

0-10%

Relocation Assistance Available

No

Position Contingent Upon Award of Contract

No

Similar Jobs

Get Job Alerts

New jobs delivered to your inbox.