MAINSAIL Group is seeking a Senior Cybersecurity Engineer (ISSM) located at Wright-Patterson Air Force Base in Dayton, Ohio to support our EPASS Contract. As part of the AFLCMC/GB Business and Enterprise Systems Directorate (BES), the Defense Enterprise Accounting and Management System (DEAMS) is an accounting Enterprise Resource Planning (ERP) solution based on the Oracle-Business Suite (EBS), for the USAF and the United States Transportation Command (USTRANSCOM) as established by the Assistant Secretary of the Financial Management and Comptroller (SAF/FM). DEAMS provides accurate and timely financial information using standardized business rules and processes and complies with existing laws, regulations and policies. DEAMS is a long-term solution toward sustaining audit readiness and correcting financial reporting weaknesses. The Program and Functional Management Offices reside at Wright-Patterson AFB in Dayton, Ohio.
The Information Systems Security Manager (ISSM) has the knowledge, experience and recognized ability to be considered highly skilled in their technical/professional field. Possesses the ability to perform tasks independently and oversee the efforts of junior and journeyman contractor personnel within the technical/professional discipline. Demonstrates advanced knowledge of their technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures and practices in their area of expertise (Program Office, Enterprise and Staff Level Support interface).
All Cybersecurity professionals should possess experience providing guidance on the following to include, but not limited to:
Experience performing cybersecurity duties as outlined in DoDI 8500.01, AFI17-130, and AFI 17-1301 for assigned AF IT.
Experience validating, evaluating and analyzing finding results and developer adjudications using automated testing tools, e.g., Fortify, Checkmarx, SonarQube, and AppScan.
Experience utilizing DoD tracking systems to input/document cybersecurity deficiencies, vulnerabilities, and change requests in the appropriate tracking system for each program, e.g., Jira, HP ALM, and eMASS.
Experience with conducting information security continuous monitoring (ISCM)by maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions IAW approved ISCM strategy.
At a minimum, the successful candidate will meet the requirements for and maintain an IAM Level III Cybersecurity certification by possessing at least one of the following certifications as directed by DoD 8140 and outlined in DoD8570.01 -M, Appendix3, Table 2,2 AFMAN 17-1303:
Additional Desired Certifications
The following skills are highly desirable but not required for this position:
Working knowledge of the Agile Development methodology
Experience using any, or all, of the following tools (Desired):
This position requires a highly motivated individual with experience in cybersecurity support. The successful candidate will provide the PMO/Capability Development Manager (CDM) cybersecurity support per DoDI 8500.01. Support includes assessing and continuously monitoring cybersecurity risk ensuring that legacy and new capabilities adhere to enterprise standards such as Risk Management Framework (RMF), Cybersecurity Framework (CSF), and National Institute of Standards and Technology (NIST) and per Authorization Official’s Information System’s Continuous Monitoring (ISCM) strategy.
The ISSM is the primary cybersecurity technical advisor to the AO, PM, and ISO. The ISSM ensures the integration of cybersecurity into, and throughout, the lifecycle of the IT, on behalf of the AO and in accordance with DoDI8510.01 for the following: