Cybersecurity, Journeyman

TieTalent
Bedford
1 month ago
Applications closed

Related Jobs

View all jobs

Cybersecurity Solutions Engineer

Cybersecurity Assurance Consultant

Cybersecurity (Infrastructure) Engineer

Cybersecurity (Secure Software/Cloud Integration) Engineer

Cybersecurity Officer

Cybersecurity Consultant

Job Title: Cybersecurity, Journeyman

Job Description:

Assist with development of System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, Computer Certification and Accreditation, Security Vulnerability and Countermeasures Analyses, Security Concepts of Operations, and other system security engineering-related documents identified in MIL-STD 1785, DoDI 5000.02, Operation of the Adaptive Acquisition Framework, and DoDI 8510.01.

Support the system/application Authorization and Accreditation (A&A) effort to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF) to support the AOC WS request for variance process). Review, validate, and work with the AOC WS ISSM to support the approval for both Site and Supported Requests for Variance (RFV) for over 20+ sites.

Support the approval or denial based on SPO Cyber RFV checklist Appendix D, as documented in Request for Variance Business Process for the Air Operations Center, ABP 005. Review RFV artifacts including the site security test reports, PPSM, site POA&M, and all applicable cyber documentation then draft recommendation to the AOC WS ISSM.

Provide Validation and Verification Assessment (VVA) Support implementing the continuous monitoring outlined in the AOC WS Continuous Monitoring Plan and AFI 17-101, Step 6 of RMF. Conduct VVA IAW Program Management Office (PMO) Validation and Verification Assessment (VVA) Business Process Guide, ABP 024.

Boots on Ground Assessment - Provide security assessments of subset of AOC WS baseline systems. Firewall evaluation IAW Annex E (approved PPSM for AOC WS). Network evaluation IAW AOC WS CM releases. Windows server/clients and Red Hat server evaluations IAW AOC WS CM releases. Assess GPOs applied, Patches, ePO Policy settings, etc.

Develop site specific worksheet/POA&M and provide to site to close open finding. Work with site to ensure all open findings are closed IAW cyber plan/previously released CSUs and AREs. Work with PC to determine root cause of open findings/missing from current documents, missing scripts, etc.

JIRA Support - Work with site to open tickets to help resolve cyber issues. Provide security assess and validate RFVs configurations IAW RFV test data and documentation. Update, monitor, and manage information in systems for the program office. Process and manage system user account requests and process tools. Process and manage system port/protocol and access control list requirements. Process and manage system Public Key Infrastructure (PKI) identification and authorization requirements.

Manage the distribution, implementation, remediation, and tracking of system security updates and configurations as required by the DoD. Recommend policies and procedures to ensure information systems reliability and accessibility to prevent and defend against unauthorized access to systems, networks, and data. Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risk, and protection needs.

Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations’ vision and goals. Conduct systems security evaluations, audits and reviews. Recommend systems security contingency plans and disaster recovery procedures. Recommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.

Participate in network and systems design to ensure implementation of appropriate systems security policies. Recommend initial, or updates to, software and configurations to new or existing system security mechanisms. Obtain waivers to mandated security mechanisms/policies which would be detrimental to system performance and impact the system’s mission.

Facilitate the gathering, analysis and preservation of evidence used in the prosecution of computer.

Provide leadership assistance in the analysis of the design, development, integration, implementation and testing of cybersecurity requirements. Develop risk-based strategies to address identified gaps. Review, analyze, and assess implementations of cybersecurity (i.e. RMF security controls) throughout the open systems architecture and associated services, derived requirements specifications, design documents & design implementation.

Collaborate with stakeholders (Government and commercial) to ensure the system is approved by all Authorizing Officials via the RMF A&A process. Provide technical advice in the area of systems security across all systems and supports. Develop recommendations for the Government regarding how well designs satisfy current requirements and business goals.

Maintain databases that reflect receipt, storage, inventory, and disposition of classified information to include data entry, updates, and generation of reports. Support Government program office in audits of Government classified holdings to ensure proper accountability. Maintain databases of classified visits and clearance levels.

Perform inspection, inventory, logging, storage, documentation, transmittal and internal distribution of classified information received. Evaluate Contractor classified data submittals for compliance with the appropriate System Security Classification Guide (SSCG). Provide security inspection and protection to areas where classified information is being stored, and develop and establish security procedures and policies IAW DOD, USAF, AFMC, and local directives.

Develop training and provide security awareness and other security education programs. Review and verify personnel qualifications for access to special access programs. Develop, implement and maintain a communications security program. Assess program disclosure issues and provide FMS case management support.

Assist and advise FMS program office management and leadership in interfacing with FMS customers and all USG organizations, including but not limited to SAF/IA, Air Force Security Assistance Center (AFSAC), Air Force Security Assistance Training (AFSAT) squadron, Defense Finance and Accounting Services (DFAS).

Support execution of all aspects of acquisition program security throughout a program’s lifecycle. Assist with development of sound security practices and policies regarding acquisition, physical, personnel and documentation security. Update security classification guides.

Prepare acquisition security related sections of acquisition program documentation. Review Contractor deliverables to ensure compliance with CDRLs. Plan and implement security-related surveys, assessments, and studies.

Evaluate program security information and hardware throughout the program life cycle, to include studies, analyses, plans, procedures, production, test plans/results, transportation, technology, and storage of end items. Provide security support to source selections.

Required Skills/Education:

Understanding of cybersecurity in DoD cloud infrastructure. Understanding of Agile methods, including CI/CD, DevSecOps, and DevOps. Possess the ability to effectively communicate in both written and verbal forms on highly technical topics.

Education: Bachelors or 15 years of experience in the respective technical/professional discipline being performed.

Years of Experience: 7 years of directly related experience, 5 of which must be in the DoD.

Travel: Yes

Security Clearance Required: Secret

Position Type: Full Time

Work Location: Hanscom AFB

Salary: $130K -$140K annually

Top salaries paid for qualified candidates.

Agency submissions are not being accepted at this time.

For more information on Sumaria Systems, please visit our website atwww.sumaria.com.

Sumaria is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or protected veteran status.

Sumaria is a Full Lifecycle Engineering, Technical Services and Professional Solutions company in support of the Warfighter, supporting modernization, high end services and next generation capabilities in contested domains. Sumaria has been a trusted partner to U. S. Department of Defense for more than 40 years, providing Lifecycle Systems Engineering, Advisory & Analysis/SETA, C5ISR and Enterprise Information Technology solutions. With expertise to lead, insight to deliver and commitment to succeed; we staff each mission with a carefully selected team of seasoned professionals. We're Headquartered in Peabody, MA, and have regional offices across the nation.

Sumaria Systems only provides engineering services to the federal government and does not provide professional engineering or surveying services to the public within the meaning of Ohio Revised Code Section 4733.16.

#J-18808-Ljbffr

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Portfolio Projects That Get You Hired for Cyber Security Jobs (With Real GitHub Examples)

With rising cyber threats and increasingly sophisticated attacks, cyber security has become a critical priority for organisations worldwide. From penetration testers (pentesters) and SOC analysts to cloud security engineers and threat intelligence specialists, the demand for skilled cyber security professionals continues to surge. But how do you stand out in a growing field? Alongside your CV, an impressive cyber security portfolio can be the distinguishing factor that convinces employers you’re the right fit. In this comprehensive guide, you’ll discover: Why a cyber security portfolio is essential for job seekers in this domain. How to align portfolio projects with different cyber security career paths. Real GitHub examples that demonstrate best practices in security-focused projects. Actionable project ideas you can start today, from penetration testing labs to blue-team detection pipelines. Best practices for organising your repos and presenting your work so hiring managers can instantly see your impact. When you’re ready to pursue your next opportunity, remember to upload your CV on CyberSecurityJobs.tech. Our specialised platform connects talented security professionals with employers who need your expertise—exactly what your portfolio will showcase.

Jobs Careers

Cyber Security Job Interview Warm‑Up: 30 Real Coding & System‑Design Questions

The need for skilled cyber security professionals has never been greater. As organisations rapidly digitise their operations and store increasing amounts of sensitive data online, cyber threats loom large—ranging from sophisticated ransomware attacks to insider threats and state‑sponsored espionage. Against this backdrop, cyber security jobs remain some of the most in‑demand and mission‑critical roles on the market. If you’re preparing for a cyber security interview, expect to be tested on a broad spectrum of topics—from secure coding and incident response to network security architecture and compliance standards. In many cases, companies also include problem‑solving exercises and system design scenarios to gauge how well you can apply theoretical knowledge to real‑world threats. To help you ace these assessments, we’ve compiled 30 real coding & system‑design questions you might encounter. Each reflects a key area of cyber security—whether it’s encryption and key management, threat modelling, or designing a zero‑trust network. Along the way, we’ll offer insights and best practices so you can stand out from the crowd. If you’re on the lookout for exciting cyber security roles in the UK, head to www.cybersecurityjobs.tech. There, you’ll discover a range of positions—covering everything from penetration testing and threat intelligence to compliance management and security operations. Let’s dive into the essentials of interview readiness.

Jobs

Negotiating Your Cybersecurity Job Offer: Equity, Bonuses & Perks Explained

How to Secure Compensation That Reflects Your Value in the UK’s High-Stakes Cybersecurity Sector Introduction As cyber threats grow more sophisticated and frequent, cybersecurity professionals have never been more in demand. From thwarting ransomware attacks to architecting secure cloud infrastructures, mid‑senior cybersecurity experts play a critical role in safeguarding a company’s data and reputation. Thanks to this growing reliance on cybersecurity, employers in the UK are going above and beyond simple salary offers to attract the top echelon of talent. Although base salary remains a key component of any job offer, the broader package—encompassing equity, bonuses, and perks—can often surpass what you’d gain from a small bump in monthly pay. For cybersecurity specialists working in areas such as threat intelligence, incident response, penetration testing, or compliance, the complexity and risk mitigation you bring to the table is massive. Knowing how to negotiate the entire package ensures you are duly rewarded for keeping an organisation’s data, assets, and operations safe. In this guide, we’ll delve into every aspect of negotiating a cybersecurity job offer. Whether you’re pivoting to a mid‑senior role or cementing your expertise at an established security consultancy, understanding the full range of compensation elements will help you secure an offer that acknowledges the criticality of what you do. Let’s explore equity options, performance bonuses, and the perks that matter most, so you can come out of your next job negotiation confident that you’re getting more than just a salary.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.