INFORMATION ASSURANCE ENGINEER

Job Type

Full-time

Description

For almost 40 years Aero Simulation Inc. (ASI) has provided quality flight training devices to the US Military. ASI has successfully built numerous training systems with a primary focus on aircrew and maintenance training systems. Our current programs include, but are not limited to, the B-1 Training Systems (Air Force), E-2D Training Systems (Navy), CH-53E Training Devices (USMC), and IMOMS (Coast Guard). To learn more about ASI visit Aero Simulation | Products and Services for Commercial and Military Training . To learn more about this opportunity, keep reading!

Before we tell you more about the position, we want to tell you why you want a career at ASI! While your work contributes to ASI's mission, ASI supports you and your family! ASI has one of the most competitive benefits packages in the industry. We offer everything from a flexible work schedule to comprehensive medical, life, and voluntary coverage options. Some benefits such as work schedule and bonuses depend on position.

• Flexible Work Schedules - 9/80 work schedule from day one!
• Competitive Salary!
• Sign-On Bonuses
• Paid Holidays
• Paid Off Time - Increases with years of service
• Parental Leave, Bereavement Leave, Jury Duty Leave and Military Leave
• 401(k) - Company Match
• Year End Shutdown - Enjoy holiday time with family during our company paid year end shutdown
• Medical Insurance - ASI pays 100% of Employee premiums plus either spouse or family premiums
• Dental Insurance - ASI pays 100% of Employee premiums
• Vision Insurance - Optional (Employee Paid)
• Long Term Disability - ASI pays 100% Employee premiums
• Short Term Disability - Optional (Employee Paid)
• Health Spending Accounts (HSA)
• Tuition Reimbursement/Student Loan Repayment
• Telework/Work From Home
• Professional Development: Multiple opportunities for personal and professional development through internal training & certification programs and unlimited access to online learning opportunities.

POSITION SUMMARY

Aero Simulation is looking for a mid or senior level Information Assurance Engineer to join the team providing training systems, upgrades, and support to various customers. The successful candidate will interface with other systems engineering disciplines and stakeholders to help ensure that the appropriate security principles, concepts, methods, and practices are applied during the system life cycle to achieve stakeholder objectives for the protection of assets.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Perform Information Assurance Engineer activities for all phases of the system development life cycle utilizing the Risk Management Framework (RMF) in accordance with applicable NIST Special Publications 800 and FIPS series to create, upgrade, and maintain aircraft training devices.
• Provide Information Assurance/Cybersecurity Subject Matter Expertise (SME) engineering support to project teams.
• Define stakeholder security objectives, protection needs and concerns, security requirements, and associated validation methods.
• Select, tailor, implement and assist validating security controls with respect to security categorizations and applicable guidance such as the JSIG, CNSSI 1253, NIST SP 800-37, SP 800-53A, and FIPS-199.
• Define system security requirements and associated verification methods.
• Design, build, configure, implement and maintain security designs for new or existing systems.
• Ensure that the design of hardware, operating systems, and software applications adequately address cybersecurity requirements for the system.
• Participate in an IS risk assessment during the A&A process and design security countermeasures to mitigate identified risks.
• Identify and assess vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats.
• Ensure that system designs support the incorporation of DoD-directed IA vulnerability solutions, e.g., IAVAs.
• Design proactive and reactive security functions encompassed within a balanced strategy to control asset loss and associated loss consequences.
• Provide security considerations to inform systems engineering efforts with the objective to reduce errors, flaws, and weakness that may constitute security vulnerability leading to unacceptable asset loss and consequences.
• Identify, quantify, and evaluate the costs/benefits of security functions and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment decisions.
• Perform system security analyses in support of decision making, risk management, and engineering trades.
• Demonstrate through evidence-based reasoning that security claims for the system have been satisfied.
• Ensure that the implementation of security designs properly mitigate identified threats.
• Document system security design features and provide input to implementation plans and standard operating procedures.
• Assess the effectiveness of information protection measures utilized by systems.
• Provides evidence to substantiate claims for the trustworthiness of the system.
• Generate and submit authorization packages and required artifacts to authorizing officials for an authorization decision.
• Leverage multiple security and other specialties to address all feasible solutions so as to deliver a trustworthy secure system.
• Recognize a possible security violation and take appropriate action to report the incident.
• Organize, develop, and present briefings, written summaries, and written reports.

SUPERVISORY RESPONSIBILITES

This job has no supervisory responsibilities.

Requirements

EXPERIENCE REQUIREMENTS:

MID - 3-7 Years

SENIOR - 7+ Years

BASIC QUALIFICATIONS

• Experience implementing Department of Defense (DoD) security requirements and contract/government information security.
• Experience in managing information systems under the DoD Risk Management Framework (RMF) and the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
• Experience in the DoD vulnerability management process.
• Experience in applying Security Technical Implementation Guide (STIGs) configuration settings to Linux and Windows operating systems and network devices.
• Knowledge of vulnerability scanning software use (ACAS, etc.) and ability to analyze and report the results.
• Knowledge of cybersecurity policies, procedures.
• Knowledge and experience with NISPOM and DoD security related instructions.

PREFERRED QUALIFICATIONS

Specialized experience in one or more:

• Direct experience with Department of Defense (DoD) networks
• Experience with Windows and Linux Systems Engineering and/or Administration
• Experience with Network Engineering and/or Administration
• Experience with Network Security Engineering and/or Administration
• Experience conducting Software Security Assessments
• Experience with Public Key Infrastructure (PKI) Engineering
• Experience with Vulnerability Management (e.g. flaw remediation leveraging tools such as ACAS and WSUS or YUM)
• Experience with Endpoint Security Engineering and/or Administration (e.g. HBSS/ESS)

Certifications:

• Required: Current DoD 8570/8140 IAT Level II Certification (CompTIA Security+ce, CCNA Security, CySA+, etc.)

ADDITIONAL REQUIRED SKILLS AND ABILITIES

• Ability to develop and maintain positive working relationships with internal and external customers.
• Ability to adapt communication style and messaging to different audiences.
• Ability to manage multiple priorities and projects simultaneously, ensuring stakeholder expectations are managed appropriately.
• Ability to work in a project-oriented, fast paced environment to meet deadlines.
• Proficiency in common business software (Microsoft Office - Word, Outlook, Power Point, Excel, SharePoint)

EDUCATION REQUIREMENTS

Bachelor's degree in Cybersecurity, Computer Science, Computer Engineering, Information Technology, Information Assurance, or equivalent experience.

EMPLOYMENT REQUIREMENTS

• Due to contractual requirements must be a United States Citizen
• Must be able to pass an initial background check.
• Must be able to obtain and maintain an active Department of Defense security clearance. Employee/selected candidate will be subject to a government security investigation and must meet eligibility requirements for access to classified information (as required)
• Must be able and willingness to travel (CONUS/OCONUS)
• ASI is a Drug Free Workplace where applicants and employees are required to successfully pass pre-employment and Random drug testing.

PHYSICAL REQUIREMENTS

• Typically, employees sit comfortably to do their work, interspersed by brief periods of standing, walking, bending carrying papers and books, and extensive periods requiring the use of computer terminals to accomplish work objectives.
• Candidate must be able to work in small, confined spaces (simulator cockpits).
• Additional skills may be required to perform additional task(s) specific to work location, department or line of business. Reasonable accommodations may be made to enable qualified people with disabilities to perform the job.

WORK ENVIRONMENT

• Work is primarily performed in an office environment consisting of offices and cubicles with low to moderate noise and bright or dim lighting.
• The work is fast-paced and sometimes involves extreme deadline pressures.
• The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as external customers.

Note: This job description is not intended to be an exhaustive list of all duties, responsibilities, or qualifications that are required of the employee for the job. Duties, responsibilities, and activities may change at any time with or without notice.

The following policies apply to all areas of employment, including recruitment, hiring, training and development, promotion, transfer, termination, layoff, compensation benefits, social and recreational programs, and all other conditions and privileges of employment in accordance with applicable federal, state, and local laws.

Candidate Reasonable Accommodation

Candidates requiring a reasonable accommodation, as defined by the Americans with Disabilities Act, must notify Aero simulation, Inc. by e-mail at [email protected] or by calling directly at 813-867-4447.

ADA Policy

It is the policy of ASI to comply with all the relevant and applicable provisions of the Americans with Disabilities Act (ADA) and its Amendments. ASI will not discriminate against any qualified employee or job applicant with respect to any terms, privileges, or conditions of employment because of a person's physical or mental disability. ASI also will make reasonable accommodation wherever necessary for all employees or applicants with handicaps, disabilities, provided that the individual is otherwise qualified to safely perform the duties and assignments connected with the job and provided that any accommodations made are not an undue hardship for ASI.

Equal Employment Opportunity

ASI is proud to be an Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, domestic/civil partnership or marital status, national origin, disability, status as a protected veteran or any other characteristic protected by law. We strive for everyone to be valued, connected, and empowered to reach their potential and contribute their best.

Pay Transparency Policy Statement

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise, have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.