Job Description: Information Networks are critical to modern warfare. This position plays a critical role in our nation’s defense through the operation, management and defense of the Air Force portion of the Department of Defense Information Network. This role provides specialized services to ensure all requirements are met for Cybersecurity operations including Risk Management Framework (RMF) Methodology, AF IT Assess Only, Approval to Connect, Security Control Overlays, Functional Mission Analysis, Identity Management, Credential Management, Access Management, Certificate Management, Public Key Infrastructure (PKI)/Public Key Enablement, End-Point Security, Remanence Security, Ports Protocol and Service (PPS) Management, Vulnerability Management, Insider Threat, and Cyber Incident Handling. This is expected to include, but not necessarily be limited to, the following activities:
Collect artifacts to include system policies, documentation, plans, test procedures, test results, and other evidence that validates or enforces the cybersecurity posture of the DoD IS for RMF packages.
Provide thorough reviews of security controls assessment and risk assessment results before submitting the security authorization package to the AO, ensuring the system’s cybersecurity posture satisfactorily supports mission, business, and budgetary needs (i.e., indicates the mission risk is acceptable).
Follow the latest Defense Information System Network (DISN) Connection Process Guide to ensure all required artifacts are provided and submitted for circuit connection approval through Systems/Network Approval Process (SNAP) and GIG Interconnection Approval Process (GIAP), as required for DISA ATC.
Develop, update, and verify that the Department of the Air Force (DAF) PPS comply with the requirements outlined in DoDI 8551.01, Ports, Protocols, and Services Management (PPSM).
Register, maintain, verify, submit exceptions for, conduct annual review of, or decommission systems' PPS as necessary to ensure compliance with the DoD PPS Category Assurance List (CAL) and DoD PPS Vulnerability Assessment reports.
Update and/or review RMF documentation to include Security Plans, Plans of Action and Milestones (POA&Ms), Risk Assessment Reports and any other artifacts required to support accreditation packages and inspections.
Ensure all implemented security controls and overlays, including management and operational controls, are regularly assessed for effectiveness (annually, or as required by policy), even if monitoring them is not easily automated.
Assess and evaluate software products for supportability, operability, compatibility, and security to ensure the products present an acceptable risk to the AFIN and are included in the security authorization package prior to the software being introduced to the network.
Assess 10% of all managed systems for Security Technical Implementation Guide (STIG) compliance each month, ensuring all systems have been assessed annually.
Other cybersecurity related tasks, as assigned.
Required Skills/Education:
Education: High School Diploma or GED.
Certification Requirements: DoDD 8140 IAM-1; Certification Authorization Professional (CAP) and DISA ACAS Supervisor and Operator Course and DISA Enterprise Mission Assurance Support Service (eMASS) and (GSEC or Security+); CompTIA Security+ preferred
Years of Experience: 3+ years of experience in utilizing security-relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, Audit Tools, ESS, eMASS, PPS. Experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs. Experience in assessing and documenting test or analysis data to show cybersecurity compliance. Prior system administrator or network operator experience with devices supported in the contract.
Travel: Yes (less than 10%)
Security Clearance Required: Top Secret w/ SCI Eligibility
Position Type: Full Time
Work Location: Hybrid - Maxwell AFB, Gunter Annex AL
Expected hourly range: $33.65 to $40.38
Agency submissions are not being accepted at this time.
For more information on Sumaria Systems, please visit our website at www.sumaria.com.
Sumaria is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or protected veteran status.
Sumaria is a Full Lifecycle Engineering, Technical Services and Professional Solutions company in support of the Warfighter, supporting modernization, high end services and next generation capabilities in contested domains. Sumaria has been a trusted partner to the U.S. Department of Defense for more than 40 years, providing Lifecycle Systems Engineering, Advisory & Analysis/SETA, C5ISR and Enterprise Information Technology solutions. With expertise to lead, insight to deliver and commitment to succeed, we staff each mission with a carefully selected team of seasoned professionals. We're headquartered in Peabody, MA, and have regional offices across the nation.
Sumaria Systems only provides engineering services to the federal government and does not provide professional engineering or surveying services to the public within the meaning of Ohio Revised Code Section 4733.16.