Camber Corporation Information Assurance Systems Engineer Level 3 15668 in O'Fallon, Illinois
As a member of the Black Team, be responsible for the execution of Cybersecurity, Risk Management Framework (RMF), Assured Compliance Assessment Solution (ACAS), Enterprise Mission Assurance Support Service (eMASS), and other Information Assurance (IA) functions required to support over 48 Aircraft Training Systems (ATSs) and Maintenance Training Systems (MTSs) at over 184 locations worldwide for the Simulators Division, Air Force Lifecycle Management Center (AFLCMC/WNS).
Support the approved LVC-OT cyber security strategy and how it is implemented across the simulator fleet. Conduct and review cybersecurity requirements to include all RMF Assess and Authorize (A&A) activities associated with Live, Virtual, and Constructive Operational Training (LVC-OT) systems, networks, and ranges. Be certified to perform Information System Security Manager (ISSM) level functions and other cybersecurity functions as listed below:
Provide Simulator Common Architecture, Requirements, and Standards (SCARS) technical and operational cybersecurity support. Identify and recommend migration paths for simulator functionality from current decentralized states to a future centralized state that accommodates common functionality. Analyze, assess, define, and recommend cyber-secure enterprise-level centralized cloud datacenter (CCD), local cloud technologies, architectures, storage of correlated data sets, etc.
Travel to 48+ system sites to assist contractor support personnel in the application and compliance with DoD and Headquarters Air Force (HAF) implementation of the RMF and security migration efforts. Conduct fully credentialed vulnerability and compliance scans using the Simulator Environment Network Tool for Risk Management Framework Implementation (SENTRI) solution, which incorporates the mandatory ACAS software. Conduct SENTRI sustainment activities, regression scans, and provide results to the Authorizing Official (AO). Adhere to USCYBERCOM TASKORDs and recommend patches, hot fixes, and countermeasures to mitigate high and critical findings. Provide and coordinate classified transport of tools to operationalize the on-site simulator.
Sustain the SENTRI Cyber Test Range and Rack to gather and push government and support contractors' approved patches to AFLCMC/WNS training system sites, and to maintain all organizational and system-related cybersecurity documentation to include Service Level Agreements and Memorandums of Agreement in relation to a simulator's common architecture components.
Support the System Information System Owner (ISO), with establishing, maintaining, and tracking the security plans within eMASS in accordance with steps 1- 5 of the RMF process as documented at the RMF Knowledge Service, and produce the five artifacts described in steps 1- 5 for the system owners to ensure Information Assurance and Computer Security is incorporated into the full life cycle of systems in computer and network infrastructure at all classification levels. This includes establishing Management Internal Control Toolset checklists for inclusion into the Air Force Inspection System.
Assist local and remote Information Owners in achieving consistent application and implementation of network and system security policies, countermeasures, and procedures under development and fielded at user sites.
Serve as an ISSM or ISSO. Assist the local and remote System ISSMs and/or Information System Security Officers (ISSOs) in developing and maintaining organizational and system-level cybersecurity that includes secure architecture, IA requirements, cybersecurity objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures. Manage and update cybersecurity information to include verifying artifacts are properly documented in eMASS. Verify ISSOs are appointed in writing, and verify that ISSOs are following established cybersecurity policies and procedures. Ensure the secure configuration and approval of information technology below the system level. Recommend procedures and corrective measures to initiate when a cybersecurity incident or vulnerability is discovered and ensure that a process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSO. Assess the accuracy and completeness of system accreditation packages in accordance with RMF to increase the overall security posture of the programs. Provide a centralized management approach to address and sustain a Cybersecurity Plans of Action and Milestones (POA&Ms) for the tracking and resolution of security controls.
Develop and provide information assurance (lA) and cybersecurity training courses, guides, and instructions to increase awareness of assigned personnel of the changing lA environment and facilitate streamlining of the RMF processes in the future. Analyze, Design, Develop, Implement, and Execute in residence or on-site training for government, civilian, and contractor support personnel in SENTRI Installation and Configuration, SENTRI Scan Operations (covers ACAS), RMF Steps 1-5, and eMASS processes and procedures.
Within eMASS: fully document (including artifacts) all controls in all families, create and generate security plans, support RMF Steps 1 - 6, and create POA&Ms for non-compliant and non-applicable controls. Review system artifacts (i.e., documents) to determine if they are completed and current.
Perform hands-on testing of system security features, as well as witness first-hand, through facility visits, the actual processes related to each IA/security control. Use tools such as SENTRI scanners (which include ACAS SecurityCenter and Nessus) to verify Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) and Security Content Automation Protocol (SCAP) compliance.
Develop and report relevant metrics and information on cyber security, RMF, CM, and security control status of networks and systems. Conduct analysis of findings on multiple unclassified and classified networks and systems (for purposes of controls, references to documents, etc. that are not acceptable, i.e. policies, procedures, and processes shall be provided within the assessment procedure).
The selected applicants will be subject to a security investigation and must meet eligibility requirements for access to classified information.
Camber is now part of the Integrated Mission Solutions Group of Huntington Ingalls Industries Technical Solutions Division.
Camber Corporation employs a diverse mix of skilled professionals who apply their knowledge and experience to creating innovative new solutions for a variety of Government, commercial, and international customers.
Founded as an 8(a) company in 1990, Camber Corporation’s management had the entrepreneurial vision to recognize how existing and emerging technologies could help solve long-standing as well as newly identified problems in the public sector market.
Camber’s initial success with our first customers brought additional work resulting in the hiring of energetic and creative new employees. Within five years, Camber was named to Inc. ’s list of fastest growing companies in the United States (1995, 1996) specializing in: Aviation Sensors and Simulations; Chemical, Biological, Radiological, Nuclear, and Explosives (CBRNE) research and development; training and logistical support; project management using Earned Value Management Systems (EVMS); training; and information technology support.
Camber graduated from its 8(a) status in 1998 and has continued to add highly specialized capabilities to its portfolio of services to include: Agile Software Engineering & IT; All Hazards; Modeling, Simulation and Training; Unmanned Systems, Intelligence Analysis and Operations; and Engineering and Management. We are accredited in national and international standards, including ISO 9001:2008, ISO 20000, and CMMI ML-3, and use these standards to ensure our services and products are consistent and of the highest quality.
Camber Corporation is headquartered in Huntsville, AL with a major workforce concentration in the Washington D.C. / National Capital Region and other locations in the U.S., Europe, the Middle East and Asia.
Camber Corporation is an Equal Opportunity Employer EOE/AA Minorities/Females/Veterans/Disabled