<p>Job Title: Cybersecurity ISSO (Journeyman)</p> <p>Location: Kettering, OH 45409</p> <p>Crossflow Technologies, Inc. has an exciting opportunity for a Cybersecurity Engineer (ISSO) located Kettering, OH (Dayton/WPAFB area) to support our EPASS GB contract. As part of the AFLCMC/GB Business and Enterprise Systems Directorate (BES), the Digital Enterprise Solutions (DES) program conducts strategy and innovation planning activities to support the functional community when performing IT-focused capability-based planning and requirements development for PEO BES Defense Business System (DBS) initiatives. Early acquisition activities include requirements analysis; concept development; trade space evaluation; cost estimating; identification of technology maturity, risk drivers, needs, and opportunities; product support; and acquisition life cycle planning.</p> <p>The successful candidate will provide the PMO/Capability Development Manager (CDM) cybersecurity support per DoDI 8500.01. Support includes assessing and continuously monitoring cybersecurity risk ensuring that legacy and new capabilities adhere to enterprise standards such as Risk Management Framework (RMF), Cybersecurity Framework (CSF), and National Institute of Standards and Technology (NIST) and per Authorization Official's Information System's Continuous Monitoring (ISCM) strategy.</p> <p>This position requires a highly motivated cybersecurity ISSO professional who is responsible for ensuring the appropriate operational security posture is maintained for the assigned IT. This includes the following related to maintaining situational awareness and initiating actions to improve or restore cybersecurity posture:</p> <ul> <li> <p>Implements and enforce all AF cybersecurity policies, procedures, and countermeasures.</p> </li><li> <p>Completes and maintains required cybersecurity certification IAW AFMAN 17-1303.</p> </li><li> <p>Ensures all users have the requisite security clearances and need-to-know, complete annual cybersecurity training, and are aware of their responsibilities before being granted access to the IT according to AFMAN 17-1301.</p> </li><li> <p>Maintains all authorized user access control documentation IAW the applicable AF Records Information Management System.• Ensures software, hardware, and firmware complies with appropriate security configuration guidelines, e.g., security technical implementation guides/security requirement guides.</p> </li><li> <p>Ensures proper configuration management procedures are followed prior to implementation and contingent upon necessary approval.</p> </li><li> <p>Coordinate changes or modifications with the system-level ISSM, SCA, and/or the Wing Cybersecurity office.</p> </li><li> <p>Initiates protective or corrective measures, in coordination with the ISSM, when a security incident or vulnerability is discovered.</p> </li><li> <p>Reports security incidents or vulnerabilities to the system-level ISSM and wing cybersecurity office according to AFI 17-203, Cyber Incident Handling;</p> </li><li> <p>Initiates exceptions, deviations, or waivers to cybersecurity requirements.</p> </li></ul> <p>Job Requirements</p> <p>The Information Systems Security Officer (ISSO) has the knowledge, experience and demonstrated ability to perform tasks related to the technical/professional discipline they are performing. Typically works independently and applies the proper procedures and processes related to their area of expertise. Has the ability to problem solve and troubleshoot various situations to develop successful outcomes within established program/project guidelines. Work is performed independently or under the oversight of more senior contractor employees (Program Office and Staff Level Support interface).</p> <p>All Cybersecurity professionals should possess experience providing guidance on the following to include, but not limited to:</p> <ul> <li> <p>Access control.</p> </li><li> <p>Configuration management.</p> </li><li> <p>System and communications protection.</p> </li><li> <p>Contingency planning.</p> </li><li> <p>Incident handling.</p> </li><li> <p>System and information integrity.</p> </li><li> <p>Security and privacy training and awareness; and,</p> </li><li> <p>Software development activities, software and tools related to Cybersecurity.</p> </li><li> <p>Experience performing cybersecurity duties as outlined in DoDI 8500.01, AFI 17-130, and AFI 17-1301 for assigned AF IT.</p> </li><li> <p>Experience validating, evaluating and analyzing finding results and developer adjudications using automated testing tools, e.g., Fortify, Checkmarx, SonarQube, and AppScan.</p> </li><li> <p>Experience utilizing DoD tracking systems to input/document cybersecurity deficiencies, vulnerabilities, and change requests in the appropriate tracking system for each program, e.g., Jira, HP ALM, and eMASS.</p> </li><li> <p>Experience with conducting information security continuous monitoring (ISCM) by maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions IAW approved ISCM strategy.</p> </li></ul> <p>EDUCATION:</p> <p>Bachelor's or Master's Degree in a related field and at least three years of experience in the respective technical/professional discipline being performed, three of which must be in the DoD</p> <p>OR, seven years of directly related experience with proper certifications, five of which must be in the DoD.</p> <p>CERTIFICATION REQUIREMENTS:</p> <p>At a minimum, the successful candidate will meet the requirements for and maintain a personnel certification associated with the DCWF ISSO work role (722) at an intermediate (journeyman) proficiency level as outlined in DoDI 8510.01, AFMAN 17-1305 and AFI 17-101 for assigned systems/applications:</p> <ul> <li>(ISC)2 CGRC/CAP </li><li>CompTIA CASP+ </li><li>(ISC)2 CCSP </li><li>CompTIA Cloud+ </li><li>(ISC)2 SSCP </li><li>CompTIA Security+ CE </li><li>(GIAC) GSEC </li></ul> <p>OTHER QUALIFICATIONS:</p> <p>Candidate must be a US Citizen</p> <p>Candidate must possess and be able to maintain a T3/Secret Clearance</p> <p>U.S. Citizenship Required for this Position: Yes</p> <p>Job Type: Full time</p> <p>Security Clearance: Tier 3/Secret</p> <p>Schedule: (M-F; 8-5)</p> <p>Work Location: Kettering, OH</p> <p>Travel: <10%</p> <p></p> <p>Relocation Assistance Available: No</p> <p>Position Contingent Upon Award of Contract: No</p> <p>Equal Opportunity/Affirmative Action Employer:</p> <p>Crossflow ensures that employment decisions and personnel actions are administered fairly, equitably, and in compliance with the federal, state, and local laws and regulations governing EEO and personnel management. All qualified individuals will receive consideration for employment opportunities without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.</p> <p>Why Crossflow?</p> <p>Crossflow Technologies is proud to offer such wonderful benefits and perks to our employees; however, we feel the biggest perk is our company culture. We harbor a culture that extends down to the individual level by hiring people who understand and embrace our company values. Values like fervently protecting work-life balance and celebrating the achievements of others. To help guide and shape this environment, we strive to solicit feedback as frequently as possible through direct conversations and anonymous input. We take great pride in the fact that we've won the Best Places to Work award for the past four years - particularly when paired with having made the Inc. 5000 list for growth the same four years. To us, this demonstrates our ability to effectively scale our culture showing that Crossflow has been and continues to be, a place that people want to be.</p> <p>Benefit-Eligible Employee Perks:</p> <p>EXCEPTIONAL HEALTH, DENTAL, AND VISION COVERAGE</p> <p>Crossflow is pleased to offer employees with exceptional single and family options for health, dental, and vision coverage. Payments are taken from the first two paychecks of each month. At a glance,</p> <ul> <li>Health coverage choices (including an HSA) ranging from $0.00 to $146.40; </li><li>Dental coverage ranges from $4.00 to $15.00; and </li><li>Vision coverage ranges from $4.33 to $11.41. </li></ul> <p>CROSSFLOW KUDOS SPOT BONUS PROGRAM</p> <p>We created a unique performance bonus program called Crossflow Kudos. Throughout the year, employees are nominated by other employees, company leads, and even individuals outside of Crossflow to receive additional compensation and personal recognition for their positive work. There are six broad categories in which employees can earn Kudos awards.</p> <p>401(k) RETIREMENT PLAN & COMPANY MATCHING</p> <p>Crossflow uses Principal as our 401(k) plan sponsor. Employees can choose payroll deduction and fund investing options. Payroll deductions will begin the month following your enrollment. Crossflow matches 100% of the first 3% of compensation, plus 50% of the next 2% of compensation.</p> <p>HIGHER EDUCATION ASSISTANCE PROGRAM</p> <p>Crossflow offers education assistance to benefit-eligible employees for degree programs at their director's discretion. Crossflow feels that a well-rounded education, even outside of an employee's current role, can enhance an employee's skillset and increase the company's value.</p> <p>GENEROUS PTO ACCRUAL & FLEXIBLE LEAVE POLICY</p> <p>Crossflow currently grants 11 federally observed paid holidays. In addition to these holidays, Crossflow offers a minimum of 2 weeks of paid time off (PTO) to all full-time employees. Employees may utilize PTO for any reason (sickness, vacation, personal day, etc.) and can carry over a maximum of 120 hours from year to year. Many employees are authorized to work additional hours within a normal, forty-hour pay period. This approval is included in the employee's offer letter for employment. These extra hours may be banked for compensatory (comp) time off.</p> <p>PAID PARENTAL & BEREAVEMENT LEAVE</p> <p>To help our employees be present with family during major life events, Crossflow provides additional PTO. We offer varying types of paid Parental Leave to aid birthing, non-birthing, and adoptive parents transition into parenthood. Crossflow also recognizes the importance of supporting employees who endure a death in their family by providing up to 5 days of paid Bereavement Leave a year.</p> <p>PROFESSIONAL DEVELOPMENT FUNDING</p> <p>We support employees who seek out personal or professional growth opportunities through a myriad of enabling programs to further equip themselves. Professional Development includes, but is not limited to, training courses, certificate programs, memberships to industry groups, and materials.</p> <p>EMPLOYEE DRIVEN COMMUNITY ENGAGEMENT</p> <p>We create as many opportunities as possible for employees to meet and build community. We offer monthly team bonding activities, allowing team members to assemble on a different level than at work. In addition to these gatherings, in 2021 we established Crossflow Cares, an employee-owned and operated charitable organization focused on awarding grants and providing volunteers to local non-profits. Furthermore, Crossflow Technologies is committed to serving the public by investing a large portion of our net income in the greater Huntsville/Madison County area.</p> <p>MENTORSHIP PROGRAM & MORALE LUNCHES</p> <p>The most successful people in the world always have a terrific team behind them, and Crossflow chooses to be the team behind the people, cheering our employees on to meaningful successes. Our Mentorship Program involves strategically pairing a protégé with a mentor who understands an employee's career aspirations and provides coaching towards that goal. A less structured version of this is our Morale Lunch program. We committed a portion of our budget to support our leads to meet with their team members over lunch and facilitate quality catch up sessions. The morale lunches have become a great tool for maintaining open communication and gaining insightful feedback.</p>