Senior Cybersecurity Specialist with Security Clearance

Phalanx Griffon (PG) is a top priority, open architecture airborne node that stitches warfighter data into the DAF BATTLE NETWORK. As Senior Cybersecurity Specialist, you will be the program's authority on securing Nomad hardware, Smith software, and Watch operations throughout Major Release 2 (FY ). Your zero trust designs, continuous ATO tooling, and cross domain safeguards will decide when PG can fly-and fight-in contested environments. Essential Job Functions Cyber Strategy & Governance
• Own the PG Cybersecurity Strategy, System Security Plan (SSP), and Plan of Action & Milestones (POA&M).

• Align all efforts with NIST , CNSSI 1253, and Air Force Zero Trust Reference Architecture.

• Chair cyber risk boards; brief metrics & burn downs to SES/GO stakeholders. RMF & Continuous ATO
• Lead the PG Risk Management Framework (RMF) process from categorization through authorization; shepherd artifacts in eMASS.

• Stand up automated compliance scans (ACAS, SCAP, Nessus, Tanium) integrated with the DevSecOps pipeline; deliver continuous ATO dashboards. Secure DevSecOps & Supply Chain Risk
• Embed S BOM analysis, container hardening, and code signing into Smith's 90 day software release cadence.

• Evaluate third party components for supply chain threats; drive mitigations and waivers. Cross Domain & Crypto Engineering
• Develop guard rulesets and data flow enforcement for Multi Level Security (MLS) cross domain solutions.

• Coordinate Type 1 crypto key management plans with NSA; author KOV 11 / SKL handling procedures. Vulnerability Management & Incident Response
• Conduct penetration tests and red team exercises on Integration SIL builds; track findings to closure.

• Draft and rehearse PG specific incident response / hunt forward playbooks for Watch operations. Platform & Flight Test Support
• Generate "cyber annexes" for AF Form 1067s, Safety of Flight packages, and Interim Authorizations To Test (IATT).

• Deploy secure configs on flight hardware; provide on site cyber assurance during ground & flight events. Mentorship & Culture
• Coach engineers on secure by design principles, STIG implementation, and zero trust concepts.

• Foster a DevSecOps, fail fast mindset inside classified environments. Required Skills: Due to the sensitivity of customer related requirements, U.S. Citizenship is required. B.S. in Cybersecurity, Computer Science, Information Systems, or related field (M.S. preferred) and 12 + years securing DoD or IC C4ISR/avionics systems; at least 5 years as the lead cybersecurity engineer or ISSM. Active TS/SCI clearance. Hands on mastery of RMF, NIST , DISA STIGs, SCAP/ACAS, and eMASS workflows. Experience designing or accrediting cross domain solutions and Type 1 crypto architectures. Working knowledge of container security, IaC (Ansible/Terraform), and DevSecOps pipelines (Platform One, Iron Bank). Desired Skills: DoD 8570/8140 IAM/IASAE Level III certification (CISSP ISSEP, CISM, GSLC, etc.). Prior involvement in ABMS, CJADC2, OMS/UCI, or tactical data link programs. Familiarity with zero trust enforcement for SATCOM, SDR, and software defined networking environments. Red team / pen test credentials (OSCP, GXPN, CEH) and experience authoring mitigations. Agile/Scrum or SAFe certification.