<p>Proposing, coordinating, implementing, and enforcing all Department of the Air Force information system security policies, standards, and methodologies Understanding of vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP) Compliance Checker, incorporating automated Benchmarks in support of an Risk Management Framework (RMF) Approval to Operate decision. Experience reviewing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems Ensures software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., security technical implementation guides /security requirement guides) During system development, recommends protective or corrective measures, in coordination with the ISSM, when a security incident or vulnerability is discovered. During system development, advises acquisition program leadership on RMF process and artifacts required to obtain an ATO. Coordinates activities of cyber security staff to support program cyber security requirements. 5 years of experience writing and reviewing cyber security requirements in support to DoD system acquisitions. Recommends exceptions, deviations, or waivers to cybersecurity requirements. Preparing certification letters and Memoranda of Agreement (MoA), Authorization to Connect (ATC) packages, Interconnection Security Agreement (SIA), and Security Impact Assessments with system owners for interface and networking implementations Support the SSC with ensuring security, quality, timeliness, mission partner support, completeness, and regulatory compliance of ATO RMF documentation Support the following responsibilities: security control assessor (SCA) and Security Technical Implementation Guide (STIG) curated to DOD/DAF/USSF baselines, audit standards, and plan of actions and milestones (POAM) Attend cleared expert threat briefings; have oversight of security program design, incident response plans, cyber risk assessments, and attack surface assessments, conduct tabletop exercises, and breach readiness reviews Completes and maintains required cybersecurity certification in accordance with (IAW) AFMAN 17-1303. Individuals in this position must be U.S. citizens Required: Active Secret clearance required for position BA or BS degree in engineering, physics, chemistry, mathematics, computer science, network, and telecommunications; information systems, information technology, or computer information systems 7 years of work experience in Information Assurance/Cybersecurity Experience creating reviewing and updating artifacts in support of Risk Management Framework (RMF) DODI 8510.01. Key developer of system security plans, Security Assessment Plans/Reports, Risk Assessment Plan/Report, Plan of Action and Milestones (POA&M), and associated cybersecurity artifacts Experience working in a system program office fielding a new capability Experience identifying Common Criteria and National Information Assurance Partnership (NIAP) certified technologies and the DISA Approved Products List (APL). 10 years of experience working in a military organization in a cybersecurity role with military tactical, space, or enterprise systems. Possess DoD Approved Baseline Certification as Information Assurance Manager Level II in accordance with DoDM 8140.03. (i.e., CompTIA CASP+, CISSP).</p>