Principal Cybersecurity Engineer

Job Locations US-MA-Bedford / Hanscom AFB | US-VA-Hampton | US-NV-Nellis AFB
Job Post Information* : Posted Date 2 weeks ago(7/1/2024 11:27 AM)
Requisition Number
# of Openings
Professional Services


Principal Cybersecurity Engineer

Be the Difference 

Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S.


Astrion has an exciting opportunity for an Principal Cybersecurity Engineer to support the Command, Control, Communications and Battle Management Division (C3BM) which is within the USAF Digital Directorate and located at Hanscom AFB, MA.


The hired candidate will serve as the ISSA / ISSO Manager for C3BM.


This is a full-time position located at Nellis Air Force Base in Las Vegas, Nevada (But there will also be availability to work out of Hanscom AFB, MA OR Langley AFB, VA)


Command, Control, Communications, and Battle Management (C3BM) has been tasked with delivering an integrated Department of the Air Force (DAF) Battle Network providing resilient decision advantage and enabling the USAF, USSF, Joint, and Coalition Force to win against the pacing challenge. C3BM supports execution in many different focus areas. C3BM’s main efforts are Architecture and Systems Engineering (ASE), Operational Response Team (ORT), and multiple mission integration teams such as Air, Maritime and multiple acquisitions consisting of both the Advanced Battle Management System (ABMS) and Space.



  • Assist with development of System Security Management Plans, Program Protection Plans, Security Risk Analyses, OPSEC Plans, Computer Certification and Accreditation, Security Vulnerability and Countermeasures Analyses, Security Concepts of Operations, and other system security engineering-related documents identified in MIL-STD 1785, DoDI 5000.02, Operation of the Adaptive Acquisition Framework, and DoDI 8510.01
  • Support the system/application Authorization and Accreditation (A&A) effort to include assessing and guiding the quality and completeness of A&A activities, tasks and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF)
  • Update, monitor, and manage information in systems for the program office
  • Process and manage system user account requests and process tools
  • Process and manage system port/protocol and access control list requirements
  • Process  and   manage  system  Public  Key  Infrastructure  (PKI)  identification  and authorization requirements
  • Manage the distribution, implementation, remediation, and tracking of system security updates and configurations as required by the DoD
  • Recommend  policies  and  procedures  to  ensure  information  systems  reliability  and accessibility to prevent and defend against unauthorized access to systems, networks, and data
  • Conduct risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risk, and protection needs
  • Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations’ vision and goals
  • Conduct systems security evaluations, audits and reviews
  • Recommend systems security contingency plans and disaster recovery procedures
  • Recommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures
  • Participate in network and systems design to ensure implementation of appropriate systems security policies
  • Recommend initial, or updates to, software and configurations to new or existing system security mechanisms
  • Obtain waivers to mandated security mechanisms/policies which would be detrimental to system performance and impact the system’s mission
  • Facilitate the gathering, analysis and preservation of evidence used in the prosecution of computer
  • Provide leadership assistance in the analysis of the design, development, integration, implementation and testing of cybersecurity requirements
  • Develop risk-based strategies to address identified gaps
  • Review,  analysize,  and  assess  implementations  of  cybersecurity  (i.e.  RMF  security controls) throughout the open systems architecture and associated services, derived requirements specifications, design documents & design implementation
  • Collaborate with stakeholders (Government and commercial) to ensure the system is approved by all Authorizing Officials via the RMF A&A process
  • Provide technical advice in the area of systems security across all systems and supports
  • Develop recommendations for the Government regarding how well designs satisfy current requirements and business goals
  • Maintain databases that reflect receipt, storage, inventory, and disposition of classified information to include data entry, updates, and generation of reports
  • Support Government program office in audits of Government classified holdings to ensure proper accountability
  • Maintain databases of classified visits and clearance levels
  • Perform inspection, inventory, logging, storage, documentation, transmittal and internal distribution of classified information received
  • Evaluate Contractor classified data submittals for compliance with the appropriate System Security Classification Guide (SSCG)
  • Provide security inspection and protection to areas where classified information is being stored, and develop and establish security procedures and policies IAW DOD, USAF, AFMC, and local directives
  • Develop training and provide security awareness and other security education programs 
  • Review and verify personnel qualifications for access to special access programs  
  • Develop, implement and maintain a communications security program
  • Assess program disclosure issues and provide FMS case management support
  • Assist and advise FMS program office management and leadership in interfacing with FMS customers and all USG organizations, including but not limited to SAF/IA, Air Force Security Assistance Center (AFSAC), Air Force Security Assistance Training (AFSAT) squadron, Defense Finance and Accounting Services (DFAS)
  • Support execution of all aspects of acquisition program security throughout a program’s lifecycle
  • Assist with development of sound security practices and policies regarding acquisition, physical, personnel and documentation security
  • Update security classification guides 
  • Prepare acquisition security related sections of acquisition program documentation
  • Review Contractor deliverables to ensure compliance with CDRLs 
  • Plan and implement security-related surveys, assessments, and studies
  • Evaluate program security information and hardware throughout the program life cycle, to include studies, analyses, plans, procedures, production, test plans/results, transportation, technology, and storage of end items.


Citizenship: Must be a US citizen

ClearanceMust have an active US security clearance

Education: BS/BA Degree and 15 years of experience in the respective technical/professional discipline being performed, 10 of which must be in the DoD

  • Risk Management Framework (RMF), with empasis on taking projects from Step 1 to Step 5
  • Vulnerability Management, Tenable Nessus (ACAS-DoD version of Nessus)
  • STIGs

Preferred Requirements:

  • Experience with Cross Domain Solutions and USAF CDS-E
  • Cloud Service Models
  • Supply Chain Security
  • NIAP
  • DoD Policies for Procedures for Cybersecurity
  • Network Security
  • Endpoint
  • DoD Impact Levels
  • NSA Type 1 encryption
  • Working with a CSSP - 16th AF


Additional Information:

Location: Nellis AFB, NV (But can also be out of Hanscom AFB, MA OR Langley AFB, VA)

Travel: Travel may be required per the customer's discretion. 





What We Offer 

  • Competitive salaries
  • Continuing education assistance
  • Professional development allotment
  • Multiple healthcare benefits packages
  • 401K with employer matching
  • Paid time off (PTO) along with a federally recognized holiday schedule


Who We Are


At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to “Be the Difference”. This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves.


We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and pushing the boundaries of what’s possible. We promote collaboration and empowering our teams is at the core of our success.


Join Astrion and Be the Difference in your career and the world!


Astrion is an Equal Employment Opportunity/Affirmative Action Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.


This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.












Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed