Cybersecurity Engineer

Tampa, Florida

 Aero Simulation
Job Expired - Click here to search for similar jobs
THE COMPANY

For over 40 years, Aero Simulation, Inc. (ASI) has provided quality flight training devices to the US Military. ASI has successfully built numerous training systems with a primary focus on aircrew and maintenance training systems. Our current programs include, but are not limited to, the B-1 Training Systems (Air Force), E-2D Training Systems (Navy), CH-53E Training Devices (USMC), IMOMS (Coast Guard), Navigation, Seamanship, Shiphandling Trainer - NSST (Navy). To learn more about ASI visit Programs - Aero Simulation, Inc.

ASI is a 100% employee-owned engineering and manufacturing company committed to supporting the nation's warfighters. Being 100% employee-owned directly impacts our culture: it drives our decision-making, motivates our teams, increases our productivity, improves retention and contributes to the future success of our company. Our culture is one where we work hard for our clients and for each other - and we have fun collaborating, sharing experience and expertise, and learning along the way. We strive to deliver exceptional quality, elevate client relationships, and enrich the careers and lives of our employee-owners. As Employee-Owners, we are invested in the success and continued development of each other and the company.

In addition to the Employee Stock Ownership Plan (ESOP), we offer a flexible work environment, generous paid time off, professional development opportunities, industry competitive compensation, and superior benefits to include medical, dental, 401k and more.

ASI is a great place to build a career and grow with a company that is dedicated to quality, service and to fostering a community of support for each and every member of the team. To learn more about this opportunity, keep reading.

POSITION SUMMARY

The Cybersecurity Engineer provides training systems, upgrades, and support to various government customers. The successful candidate will interface with other systems engineering disciplines and stakeholders to help ensure that the appropriate security principles, concepts, methods, and practices are applied during the system life cycle to achieve stakeholder objectives for the protection of assets.

ESSENTIAL DUTIES AND RESPONSIBILITIES
  • Perform Information system security engineering (ISSE) activities for all phases of the system development life cycle utilizing the Risk Management Framework in accordance with applicable NIST Special Publications 800 and FIPS series to create, upgrade, and maintain aircraft training devices.
  • Provide Cybersecurity Subject Matter Expertise (SME) engineering support to project teams.
  • Define stakeholder security objectives, protection needs and concerns, security requirements, and associated validation methods.
  • Select, tailor, implement and assist validating security controls with respect to security categorizations and applicable guidance such as the JSIG, CNSSI 1253, NIST SP 800-37, SP 800-53A, and FIPS-199.
  • Define system security requirements and associated verification methods.
  • Design, build, configure, implement and maintain security designs for new or existing systems.
  • Ensure that the design of hardware, operating systems, and software applications adequately address cybersecurity requirements for the system.
  • Participate in an IS risk assessment during the A&A process and design security countermeasures to mitigate identified risks.
  • Identify and assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats.
  • Ensure that system designs support the incorporation of DoD-directed IA vulnerability solutions, e.g., IAVAs.
  • Design proactive and reactive security functions encompassed within a balanced strategy to control asset loss and associated loss consequences.
  • Provide security considerations to inform systems engineering efforts with the objective to reduce errors, flaws, and weakness that may constitute security vulnerability leading to unacceptable asset loss and consequences.
  • Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment decisions.
  • Perform system security analyses in support of decision making, risk management, and engineering trades.
  • Demonstrate through evidence-based reasoning that security claims for the system have been satisfied.
  • Ensure that the implementation of security designs properly mitigate identified threats.
  • Document system security design features and provide input to implementation plans and standard operating procedures.
  • Assess the effectiveness of information protection measures utilized by systems.
  • Provides evidence to substantiate claims for the trustworthiness of the system.
  • Generate and submit authorization packages and required artifacts to authorizing officials for an authorization decision.
  • Leverage multiple security and other specialties to address all feasible solutions so as to deliver a trustworthy secure system.
  • Recognize a possible security violation and take appropriate action to report the incident.
  • Organize, develop, and present briefings, written summaries, and written reports.
SUPERVISORY RESPONSIBILITES

This job has no supervisory responsibilities.

Requirements

EXPERIENCE REQUIREMENTS

ENTRY- 0-3 Years

MID- 3 to 7 Years

SENIOR- 7+ Years
  • Experience implementing Department of Defense (DoD) security requirements and contract/government information security.
  • Experience in managing information systems under the DoD Risk Management Framework (RMF) and the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
  • Experience in the DoD vulnerability management process.
  • Experience in applying Security Technical Implementation Guide (STIGs) configuration settings to Linux and Windows operating systems and network devices.
  • Knowledge of vulnerability scanning software use (ACAS, etc.) and ability to analyze and report the results.
  • Knowledge of cybersecurity policies, procedures.
  • Knowledge and experience with NISPOM and DoD security related instructions.
PREFERRED QUALIFICATIONS

Specialized experience in one or more:
  • Experience with Department of Defense (DoD) networks.
  • Experience with Windows and Linux Systems Engineering and/or Administration.
  • Experience with Network Engineering and/or Administration.
  • Experience with Network Security Engineering and/or Administration.
  • Experience conducting Software Security Assessments
  • Experience with Public Key Infrastructure (PKI) Engineering
  • Experience with Vulnerability Management (e.g. flaw remediation leveraging tools such as ACAS and WSUS or YUM)
  • Experience with Endpoint Security Engineering and/or Administration (e.g. HBSS/ESS)
  • Proficiency in common business software (Microsoft Office - Word, Outlook, Power Point, Excel, SharePoint)
ADDITIONAL REQUIRED SKILLS AND ABILITIES
  • Ability to develop and maintain positive working relationships with internal and external customers.
  • Ability to adapt communication style and messaging to different audiences.
  • Ability to manage multiple priorities and projects simultaneously, ensuring stakeholder expectations are managed appropriately.
  • Ability to work in a project-oriented, fast paced environment to meet deadlines.
  • Ability to work in a team environment, or independently, as necessary, and be a self-starter who will attack designs and resolve problems effectively and efficiently.
  • Keen attention to detail to deliver solutions that meet business requirements and are operationally supportable.
EDUCATION REQUIREMENTS

Bachelor's degree in Cybersecurity, Computer Science, Computer Engineering, Information Technology, Information Assurance, or equivalent experience.

CERTIFICATION REQUIREMENTS

Required: Current DoD 8570/8140 IAT Level II Certification (CompTIA Security+CE, CCNA Security, CySA+, etc.)

EMPLOYMENT REQUIREMENTS
  • Due to contractual requirements must be a United States Citizen
  • Must be able to pass an initial background check.
  • Must be able to obtain and maintain an active Department of Defense security clearance. Employee/selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information (as required)
  • Required to communicate in English.
  • The ability to travel to installation sites to install and troubleshoot systems.
  • ASI is a Drug Free Workplace where applicants and employees are required to successfully pass pre-employment and Random drug testing.
PHYSICAL REQUIREMENTS
  • Candidate must be able to work in small, confined spaces (simulator cockpits)
  • Typically, employees sit comfortably to do their work, interspersed by brief periods of standing, walking, bending carrying papers and books, and extensive periods requiring the use of computer terminals to accomplish work objectives.
  • Additional skills may be required to perform additional task(s) specific to work location, department or line of business.
  • Must be able to travel via car and airplane.
  • Must be able to climb stairs to enter and exit a simulator.

WORK ENVIRONMENT
. click apply for full job details
Date Posted: 18 January 2025
Job Expired - Click here to search for similar jobs