Cybersecurity Engineer, Journeyman
Torch Technologies, Inc. · Hanscom AFB, MA · 2 wk ago
Information Technology$135k–$150k/yrFull-time
About the role
Torch Technologies is seeking a Cybersecurity Engineer, Journeyman to support the Air Force Life Cycle Management Center Electronic Systems PEO (AFLCMC/ES) at Hanscom AFB, MA.
Responsibilities
- Assist in the development of security documentation including System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, and other required system security engineering artifacts.
- Support RMF Authorization and Accreditation (A&A) activities, ensuring compliance with DoD and Air Force cybersecurity policies.
- Manage system user accounts, ports/protocols, PKI requirements, and access control lists.
- Implement and track system security updates, configurations, and vulnerability remediation in accordance with DoD requirements.
- Conduct risk and vulnerability assessments; recommend security policies, contingency plans, and disaster recovery procedures.
- Participate in system/network design to ensure alignment with security policies.
- Provide leadership in analyzing and integrating cybersecurity requirements into system design and operations.
- Review and assess the implementation of RMF security controls across system architecture, documentation, and design artifacts.
- Collaborate with stakeholders to ensure RMF A&A approval by all Authorizing Officials.
- Maintain and audit databases for classified information, visits, and clearances.
- Support classified material handling, accountability, and compliance with security classification guides.
- Develop and deliver security awareness training and education programs.
- Prepare and review acquisition security documentation and ensure compliance with CDRLs.
- Plan and implement security-related surveys, assessments, and evaluations throughout the program life cycle.
Requirements
- U.S. Citizenship
- Bachelor’s degree in a professional engineering discipline and at least 7 years of experience in the respective technical/professional discipline, 3 of which must be in the DoD.
- Security + certification is required.
- Understanding of cybersecurity in DoD cloud infrastructure.
- Knowledge of Agile methodologies including CI/CD, DevSecOps, and DevOps.
- Strong ability to communicate technical topics effectively in both written and verbal forms.
- Stig compliance, Risk Management Framework (RMF) implementation and documentation, DoD cyberSTIG, Security policies and compliance, System Authorization and Accreditation (A&A) processes, DoD cloud infrastructure security, Agile development methods including CI/CD, DevSecOps, and DevOps, Security risk, vulnerability, and contingency planning, PKI management and access control, Classified material handling and accountability.
- Strong verbal and written communication skills for both technical and non-technical audiences.
- Able to collaborate with government, contractor, and industry stakeholders.
- Able to solve problems and think analytically.
- Able to work independently and manage multiple priorities in a fast-paced environment.
- Able to adapt to evolving program requirements and security challenges.
- Must have and maintain an active Secret security clearance.
Qualifications
- Must have and maintain an active Secret security clearance.
Skills
- Security + certification
- Agile methodologies including CI/CD, DevSecOps, and DevOps
- Communication skills (written and verbal)
- Security risk, vulnerability, and contingency planning
- PKI management and access control
- Classified material handling and accountability
Benefits
- ESOP participation
- 401(k) match and safe-harbor contribution
- Medical, dental, vision, life insurance, short-term disability, long-term disability
- Flexible spending accounts, Health Savings Accounts and Health Reimbursement Accounts
- EAP
- Education assistance
- Paid time off
- Holidays