SAIC Job - 35306652 | CareerArc
  Search for More Jobs
Get alerts for jobs like this Get jobs like this tweeted to you
Company: SAIC
Location: Wright Patterson Air Force Base, OH
Career Level: Mid-Senior Level
Industries: Technology, Software, IT, Electronics

Description

Description

SAIC is seeking qualified candidates to support the US Air Force Agency for Modeling and Simulation (AFAMS) program.

AFAMS is the premier agency responsible for implementation, integration, and development of Modeling and Simulation (M&S) and training and analysis standards that support the US Air Force (USAF), Department of Defense (DoD), and mission partners requiring these capabilities to support the Warfighter in full-spectrum operations. As the lead agent for M&S within the USAF, AFAMS gathers requirements, seeks out potential solutions, and integrates legacy and emerging M&S solutions across the USAF and the DoD. The USAF has an M&S initiative that focuses on providing simulation and synthetic training as the critical capability to augment live training, act as an enabler for critical decision-making, and enhance human performance. In the current resource constrained environment, demand for M&S rises with the continuously evolving need for operational readiness and mission preparedness across the USAF, DoD, and with coalition partners. AFAMS focuses on providing innovative M&S services as the key to meeting this demand.

The role of this position is to support the Air Force Life Cycle Management Center Simulators Division in Wright Patterson AFB, OH. The IA System Security Engineer will:

  • Support Information Owners achieving consistent application and implementation of network and system security policies, countermeasures, and procedures under development and fielded at user sites. Standardize non-technical assessment policies and procedures.
  • Provide technical expertise and cybersecurity services to augment and support the Security Control Assessor Representative (SCAR) and Associate Security Control Assessor Representative (ASCAR) functions throughout all security development lifecycles performed within a simulator program's SDLC.
  • Develop and implement Common Control Provider (CCP) security controls and an eMASS program of record.
  • Standardize non-technical assessment policies and procedures.
  • Develop and distribute Best Practices and Lessons-Learned to the entire simulator fleet.
  • Provide cybersecurity expertise and services to support a programs' ISSMs, ISSOs, and ISSEs.
  • Verify ISSOs are appointed in writing and verify they follow cybersecurity policies and procedures.
  • Develop and maintain organizational and program cybersecurity architecture, requirements, objectives and policies, and cybersecurity processes and procedures. Manage and update RMF cybersecurity information to include verifying artifacts are entered in eMASS.
  • Increase the security posture of programs by ensuring security controls are implemented and working per the ATO. Recommend risk mitigation procedures and countermeasures when a cybersecurity incident or vulnerability is discovered. Ensure a process is in place for users to report all cybersecurity threats, vulnerabilities, and incidents, whether actual or suspected, are reported to authorities (e.g., ISSO, ISSM, PM).
  • Assess the accuracy and completeness of RMF authorization packages IAW the Package Approval Chain (PAC) in eMASS. Reduce the Control Approval Chain (CAC) security control rejection and rework.
  • Provide a centralized management approach to create, update, track, and monitor POA&Ms from beginning through final resolution of security findings.
  • At customer direction, visit simulator program sites to provide cybersecurity support and services to site personnel to promote and improve simulator security postures and compliance with cybersecurity policies.
  • Assess current operations; document simulator security postures to ensure a robust cyber-security Program that complies with FIPS 199 and 200, DoDI 8500.01, DoDI 8510.01, DoDI 5200.39, and AFI 17-101.
  • Conduct analysis of findings on unclassified and classified networks and systems.

Qualifications

The following skills are required:

  • DoD 8570.1 IAT-Level III certification (e.g., CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH)
  • 5 years of senior engineering experience at the enterprise level in system design and architecture development with modern computer platforms (e.g., OS, cloud computing, datacenter operations).
  • A strong working knowledge of RMF.
  • Bachelors and ten (10) years or more of related experience; Masters and eight (8) years or more experience ; PhD or JD and two (2) years or more experience. In lieu of a degree an additional 4 years of experience is required.

 A Secret security clearance is required for this position.


 Apply on company website