Cybersecurity Sme - Hybrid

Diaconia is looking for a talented Cyber Security SME to join our Amazing team! If you're looking to join a company that truly appreciates you and your talents, look no further! At Diaconia, we are committed to serving and caring for our colleagues, our clients and our community. Our team is made up of talented individuals who appreciate having the opportunity to contribute their knowledge and experience to further the growth and development of our industry. Our ideal candidates embrace diverse thinking, enjoy partnering with others and are seeking to make a difference! We are currently searching for a full-time member for our team for the position of: Cybersecurity SME ***Active U.S. Government DoD Secret or Top Secret Clearance Preferred *** **U.S. Citizenship is REQUIRED** Position Responsibilities: General Summary: Responsible for the maintenance and support of DoD and Air Force computing systems and networks (both unclassified and classified). This position will require the individual to obtain/maintain classified systems administrative privileges for SIPRNet and other systems. The individual shall perform system trusted downloads, burning classified Compact Discs (CDs), maintain and update host system. Have knowledge of the Systems Security Engineering disciplines to include Anti-Tamper, Trusted Systems & Networks, Cybersecurity, Hardware/Software/Firmware Assurance, Supply Chain Risk Management, Acquisition Security, Cyber Resiliency, and Information Protection. Support the Systems Engineer with program engineering milestone reviews, test planning, and certification and accreditation packages. Assist the Information Systems Security Manager (ISSM) and provide multi-discipline expertise covering project management, system security engineering, system administration, and network administration. Provide direct support to assure compliance to the most current revision of the Security Directives applicable to Platform Information Technology (PIT), PITI and non-PIT systems being supported

• Identifying the Software Assurance (SWA) pedigree (including platform software) and QA issues and documenting the result Conducting Supply Chain Risk Management (SCRM ). Developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents including but not limited to the acquisition strategy, SEP, PPP, and SSP. Provide subject matter expertise as needed to the directorate's capability development planning activities conducted under AFI 61-101, Management of Science and Technology
• These include DoDI 8500.01, Cybersecurity , DoDI 8510.01, RMF for DoD IT , JSIG, NIST 800-53, and directives/guidance identified in DoDI 5000.02. Provide cybersecurity support to assigned systems and shall assist in developing, modifying, reviewing, or coordinating items that include, but are not limited to: PIT determination package, cybersecurity strategy (formerly IAS), System Security Plan (SSP), system controls traceability matrix, risk assessment report, plan of action and milestones, security assessment plan, artifacts for program review and RFP. Provide RMF expertise and support for PIT products or other non-traditional products which may be evaluated or implemented under the provisions of DoDI 5000.02, AF 17-series directives, AFI 61-101 or AFGM 2018-63-146-01 to include review required program office artifacts and make recommendations to support cybersecurity RMF analysis. Assist in evaluating the technical implementation of the security design to ascertain that security software, hardware and firmware features affecting confidentiality, integrity, availability, accountability, and non-repudiation have been implemented as documented in the Director of Central Intelligence Directive (DCID) 6/3, JSIG, DoDI 8500.01, DoDI 8510.01, and NIST 800-53, and that the features perform properly. Assist in documenting and reporting IV&V test plans, results, anomaly reports, recommendations, activity reports and other special reports as required. Assist in performing cybersecurity site audits to verify architecture analysis, cybersecurity requirements and controls, verify mitigation actions, witness cybersecurity testing and evaluation, and to support final approval for Interim Authority to Test (IATT), Interim Authority To Operate (IATO), Authority To Operate (ATO), and/or Authority To Connect (ATC). Assist in identifying the Software Assurance (SWA) pedigree (including platform software) and QA issues and documenting the results. Assist the Government in conducting Supply Chain Risk Management (SCRM). Assist in developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents including but not limited to the acquisition strategy, SEP, PPP, and SSP Required Experience: Minimum of 10 years of Cybersecurity Experience, with 5 of that in the US Department of Defense (DoD) SME subject matter expertise for rapid acquisition activities including rapid prototyping and fielding conducted under AFGM 2018-63-146-01 Rapid Acquisition Activities or subsequent publication
• Provide capability development planning and rapid acquisition activities, provide technical assistance, expertise and support for technical solutions which involve products not normally found in the DoD weapon systems acquisition programs such as COTS products, commercial items, and non-developmental items as defined in FAR Parts 2 and 12, or technologies developed by non-traditional contractors. Already possess or willing to obtain within 6 months of hire: Appropriate baseline DoD 8570 certification and continuing education for their assigned position category or specialty and level. Possesses the advanced knowledge, experience, and recognized ability to be considered an expert in the technical/professional field, possess the ability to perform tasks and oversee the efforts of junior and journeyman personnel within the technical/professional discipline Will demonstrate advanced knowledge of technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures, and practices in their area of expertise US Citizenship required; Active Secret Clearance with the ability to obtain and maintain DoD TS/SCI clearance after start date Preferred Qualifications Active DoD 8570 certification Active TS/SCI clearance Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Diaconia is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.
• These include DoDI 8500.01, Cybersecurity, DoDI 8510.01, RMF for DoD IT, JSIG, NIST 800-53, and directives/guidance identified in DoDI 5000.02. Developing and manage PIT determination packages , to include cybersecurity strategy (formerly IAS), System Security Plan (SSP), system controls traceability matrix, risk assessment report, plan of action and milestones, security assessment plan, artifacts for program review and RFP. Managing, planning, documenting, and conducting Independent Verification and Validation (IV&V) of security requirements for weapon systems
• Proficiency with Windows Operating Systems (OS), Windows group policy objects, DoD Cybersecurity, National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), Endpoint Security System (SS)/Host-based Security System (HBS) and DoD Public Key Infrastructure (PKI). Understanding of Security Directives applicable to Platform Information Technology (PIT), PITI and non-PIT systems being supported