Posted today
Top Secret
Unspecified
Unspecified
IT - Security
Dayton, OH (On-Site/Office)•Beavercreek, OH (On-Site/Office)
MTSI is seeking a Cloud Security Engineer to support the Air Force Rapid Sustainment Office's (RSO) Digital Architectures and Capabilities (DAC) branch. The RSO leverages new/emerging, mature, and disruptive technologies to dramatically improve USAF readiness and collaborates with industry, academia, and other government organizations to push the bounds of innovation and generate concepts that solve problems at the speed of user need. DAC employs artificial intelligence (AI)/Machine Learning (ML) to optimize fleet maintenance and predict/prevent aircraft failure and leverages digital technologies to identify supply chain challenges, enable development of advanced manufacturing/repair and Multi-Capable Airmen capabilities, and unlock decision advantage through the digitalization of maintenance processes.
The Cloud Security Engineer will support the Program Executive Officer, Program Managers, and Cyber Lead(s) in fielding secure capabilities to the Warfighter; optimize execution via risk-informed decision cycles and cyber-integrated capabilities, products, and processes; and manage and preserve implementation of the confidentiality, integrity, and availability triad across multiple efforts.
Responsibilities:
• Develop and tailor cybersecurity requirements for organic, commercial, and/or small-business technology prototypes, ensuring alignment with DoD/DAF standards, risk tolerance levels, and operational feasibility.
• Apply cybersecurity concepts and techniques to cloud computing service and deployment models, identifying proper architecture for different operating environments.
• Apply defense-in-depth controls against known vulnerabilities.
• Develop policies, procedures, and guidance that reflect system security objectives.
• Provide input to the Risk Management Framework (RMF) process activities and related documentation.
• Ensure the system security posture is maintained and work in close collaboration with the system integrator, Program Management Office (PMO), and other stakeholders to protect information and information systems.
Required Qualifications:
• 10+ years' experience with design, development, testing, and evaluation of cybersecurity throughout the system development life cycle.
• 5+ years' hands-on experience with DoD RMF.
• 5+ years' experience with commercial cloud services (i.e., Azure, Amazon Web Services, Google Cloud Platform).
• Knowledge and experience with current industry methods for evaluating and implementing security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Skill in conducting audits or reviews of technical systems.
• Strong oral and written communication skills with experience advocating for the necessary resources to support cybersecurity goals and objectives.
Desired Qualifications:
• Skill in discerning the protection needs (i.e., security controls) of information systems and networks.
• Skill in conducting system vulnerability assessments and recognizing vulnerabilities in information systems and networks.
• Skill in the use of penetration testing tools and techniques, including specialized tools for non-traditional systems and networks.
• Knowledge of the systems engineering process.
Education Requirements:
• Master's degree in information technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution; a bachelor's degree and 18 years of relevant experience may be substituted for a master's degree
Certification Requirements:
One or more of the following certifications:
• Certified Cybersecurity Engineer (CCE)
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Officer (CISSO)
• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)
• Certified Penetration Testing Engineer (CPTE)
• Cybersecurity Analyst (CySA+)
• FITSP-Auditor
• FITSP-Designer
• FITSP-Manager
• GIAC Cloud Security Automation (GCSA)
• GIAC Penetration Tester Certification (GPEN)
• GIAC Security Essentials Certification (GSEC)
• GIAC Security Leadership (GSLC)
• GIAC Systems and Network Auditor Certification (GSNA).
Clearance Requirements:
• Ability to obtain and maintain a Secret security clearance. Top Secret Clearance preferred.
• U.S. Citizenship is required for this position.
#LI-D1
The Cloud Security Engineer will support the Program Executive Officer, Program Managers, and Cyber Lead(s) in fielding secure capabilities to the Warfighter; optimize execution via risk-informed decision cycles and cyber-integrated capabilities, products, and processes; and manage and preserve implementation of the confidentiality, integrity, and availability triad across multiple efforts.
Responsibilities:
• Develop and tailor cybersecurity requirements for organic, commercial, and/or small-business technology prototypes, ensuring alignment with DoD/DAF standards, risk tolerance levels, and operational feasibility.
• Apply cybersecurity concepts and techniques to cloud computing service and deployment models, identifying proper architecture for different operating environments.
• Apply defense-in-depth controls against known vulnerabilities.
• Develop policies, procedures, and guidance that reflect system security objectives.
• Provide input to the Risk Management Framework (RMF) process activities and related documentation.
• Ensure the system security posture is maintained and work in close collaboration with the system integrator, Program Management Office (PMO), and other stakeholders to protect information and information systems.
Required Qualifications:
• 10+ years' experience with design, development, testing, and evaluation of cybersecurity throughout the system development life cycle.
• 5+ years' hands-on experience with DoD RMF.
• 5+ years' experience with commercial cloud services (i.e., Azure, Amazon Web Services, Google Cloud Platform).
• Knowledge and experience with current industry methods for evaluating and implementing security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Skill in conducting audits or reviews of technical systems.
• Strong oral and written communication skills with experience advocating for the necessary resources to support cybersecurity goals and objectives.
Desired Qualifications:
• Skill in discerning the protection needs (i.e., security controls) of information systems and networks.
• Skill in conducting system vulnerability assessments and recognizing vulnerabilities in information systems and networks.
• Skill in the use of penetration testing tools and techniques, including specialized tools for non-traditional systems and networks.
• Knowledge of the systems engineering process.
Education Requirements:
• Master's degree in information technology, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution; a bachelor's degree and 18 years of relevant experience may be substituted for a master's degree
Certification Requirements:
One or more of the following certifications:
• Certified Cybersecurity Engineer (CCE)
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Officer (CISSO)
• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)
• Certified Penetration Testing Engineer (CPTE)
• Cybersecurity Analyst (CySA+)
• FITSP-Auditor
• FITSP-Designer
• FITSP-Manager
• GIAC Cloud Security Automation (GCSA)
• GIAC Penetration Tester Certification (GPEN)
• GIAC Security Essentials Certification (GSEC)
• GIAC Security Leadership (GSLC)
• GIAC Systems and Network Auditor Certification (GSNA).
Clearance Requirements:
• Ability to obtain and maintain a Secret security clearance. Top Secret Clearance preferred.
• U.S. Citizenship is required for this position.
#LI-D1
group id: RTL041421
N
