Cyber Security / COMSEC Lead

Title:
Cyber Security / COMSEC Lead

Belong. Connect. Grow. with KBR!

KBR's National Security Solutions team provides high-end engineering and advanced technology solutions to our customers in the intelligence and national security communities. In this position, your work will have a profound impact on the country's most critical role - protecting our national security.

Why Join Us?

• Innovative Projects: At KBR, you'll be working on prototype projects that support the U.S. Air Force Research Laboratory's most mission-critical objectives. The Air Force Research Laboratory is the primary scientific research and development center for the Department of the Air Force. AFRL plays an integral role in leading the discovery, development, and integration of affordable warfighting technologies for our air, space, and cyberspace force.

• Collaborative Environment: KBR fosters a dynamic and collaborative atmosphere where cross-functional teams of product manager, engineers, developers, and defense experts work in unison. We practice Agile and DevOps principles, ensuring rapid iteration, continuous feedback, and integration across all projects. Our team is passionate, forward-thinking, and united by a mission-first mindset that encourages knowledge sharing, innovation, and problem-solving at every level.

• Impactful Work: Your work here won't just be limited to software development-it will directly support the Air Force in expanding current national capabilities. As the Air Force's leader for National-to-Tactical capability development, AFRL collaborates with leading experts across the Intelligence Community, Department of Defense, National Laboratories, industry, inter-agency, academia, and partner nations.

Key Responsibilities:

• Architect, develop and implement out-of-the-box cyber solutions to meet warfighter needs
• Serve as a cybersecurity advisor to the Government and collaborate with system owners, architects, and developers to ensure end-to-end security
• Serve as the primary agent for all COMSEC material accountability
• Analyze customer requirements and identify the need for cybersecurity solutions
• Develop and maintain a deep understanding of the organization's overall technology landscape
• Create and maintain documentation for systems, enclaves, applications, including design documents, implementation guides, standard operating procedures, and approval paperwork
• Oversee implementation of RMF, NIST SP 800-53, and STIG requirements, ensuring alignment with DoD security mandates
• Perform vulnerability assessments, support remediation, and manage incident response workflows and recovery operations
• Support security documentation, security control assessments, and continuous monitoring in alignment with FISMA
• Perform, evaluate and remediate SCAP, IAVAs, and emerging threat advisories to maintain hardened security posture
• Loading and managing cryptographic keys for High Assurance Internet Protocol Encryptors (HAIPE)
• Provide expert guidance in support of cyber audits, ATO packages, and continuous compliance processes
• Engage with customers to better define the problem space and vision to determine capabilities and priorities for prototypes
• Work across multiple technology stacks, gaining hands-on experience with various languages, frameworks, and tools to support a broad range of applications

Work Environment:

• Location: Colorado Springs, CO - Hybrid or Onsite
• Travel Requirements: Minimal
• Working Hours: Flexible

Qualifications:

Required:

• Security Clearance: Must have an active U.S. government Top Secret security clearance with the ability to obtain SCI SI/TK, which is something only a U.S. citizen can obtain
• Education: BS degree in Computer Science or Information Systems. Other degrees will be considered with relevant work experience.
• 5-8 years of experience in COMSEC, Information Assurance (IA), or a technical engineering field
• One or more of the following certifications (must be current): CISM, CISSO, FITSP-M, GCIA, GCSA, GCIH, GSLC, GICSP, CISSP, CISSP-ISSMP
• DoD 8140/8570 IAT Level II or III certification (e.g., Security+), or ability to obtain within 6 months
• Experience managing cybersecurity projects of similar size and complexity in cloud environments (AWS, Azure, or VMware)
• Experience supporting ATO processes, POA&Ms, and cyber strategy development in federal or military environments
• At least eight (8) years of experience applying the DoD Risk Management Framework (RMF), including: NIST SP 800-53, DISA STIGs, SCAP and IAVAs, FISMA
• Proficiency in NSA/CSS Policy Manual 3-16 and DoD COMSEC regulations
• Knowledge of Linux and Windows Operating Systems
• Knowledge of cybersecurity devices - IDSs, firewalls, CDSs
• Knowledge of networking architecture and devices and supporting infrastructure
• Knowledge of virtualization technologies
• Knowledge of Cybersecurity Process and Approval for Special Access Programs (SAPs)
• Passion for conducting research, tackling complex problems, and continuously learning and adopting new technologies
• Ability to work independently to research and solve customer pain points
• Strong passion for conducting research, tackling complex problems, and continuously learning and adopting new technologies
• Excellent communication and collaboration skills
• Strong problem-solving and analytical skills
• Ability to work in a fast-paced environment and meet deadlines

Desired:

• At least eight (8) years of experience analyzing, assessing, and implementing corrective actions based on vulnerability scanning and penetration testing results
• At least eight (8) years of experience supporting defensive cyber operations for DoD, including incident handling, reporting, system defense, and information recovery
• Prior military or government COMSEC experience
• Previous experience as a COMSEC Responsible Officer (CRO) or Alternative CRO
• DevSecOps experience integrating security measures throughout the entire SDLC
• Proficient in using GitLab for version control, CI/CD pipelines, and collaboration
• Experienced in implementing Agile Software Development methodologies for efficient and iterative project management
• High level of curiosity and investigative mindset with an attention to detail, a tenacity of thought, the flexibility to adapt to new challenges, and the resiliency to overcome short-term hurdles by staying focused on the team's deliverables
• Passion for conducting research, tackling complex problems, and continuously learning and adopting new technologies

Basic Compensation: $166,800 - $250,200 USD Annual

The offered rate will be based on the selected candidate's knowledge, skills, abilities and/or experience and in consideration of internal parity.

Additional Compensation:

KBR may offer bonuses, commissions, or other forms of compensation to certain job titles or levels, per internal policy or contractual designation. Additional compensation may be in the form of sign on bonus, relocation benefits, short term incentives, long term incentives, or discretionary payments for exceptional performance.

Belong, Connect and Grow at KBR

At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of team's philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver - Together.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.