Colsa
Platform Cybersecurity SME
COLSA is seeking a Platform Cybersecurity SME to support the integration of cybersecurity requirements across KC-46 program activities. The SME provides expert guidance, aligns security solutions with technical and operational objectives, and collaborates with stakeholders to maintain mission readiness for both classified and unclassified systems.

Responsibilities include:
- Provide platform-level integration, sustainment, and modernization cybersecurity expertise in support of the KC-46 platform.
- Provide SME-level guidance and support for program engineering milestone reviews, test planning, and the development of certification and accreditation packages.
- Assist the Information Systems Security Manager (ISSM) by applying multi-disciplinary expertise in project management, system security engineering, and system and network administration.
- Ensure compliance with the most current revision of applicable Security Directives for Platform Information Technology (PIT), PITI, and non-PIT systems, including DoDI 8500.01, DoDI 8510.01, RMF for DoD IT, JSIG, and NIST 800-53.
- Support the development, modification, review, and coordination of cybersecurity documentation, including PIT determination packages, cybersecurity strategies, System Security Plans (SSP), control traceability matrices, risk assessment reports, POA&Ms, security assessment plans, and artifacts for program reviews and RFPs.
- Review program office artifacts and provide recommendations to support cybersecurity Risk Management Framework (RMF) analysis and compliance.
- Assist with planning, documenting, and conducting Independent Verification and Validation (IV&V) of security requirements for weapon systems.
- Participate in cybersecurity site audits to verify architectures, confirm security controls, validate mitigation actions, witness testing, and support government approval processes for IATT, IATO, ATO, and ATC.
- Assist in identifying software assurance (SWA) pedigree, including platform software, review QA issues, and document results for program leadership.
- Support the Government in conducting Supply Chain Risk Management (SCRM) activities, including the development and integration of SCRM plans into acquisition and security documentation (e.g., Acquisition Strategy, SEP, PPP, SSP).
- Support the maintenance and security of DoD and Air Force computing systems and networks (classified and unclassified) by performing or assisting with activities such as trusted downloads, classified media handling, patch compliance, mandated vulnerability mitigations, and user account management.

At COLSA, people are our most valuable resource and are at the center of our core values. We invite you to unite your talents with opportunity and be a part of our "Family of Professionals!" Learn about our employee-centric culture and benefits here.

Required Experience includes:
- Bachelor's degree or higher in a technical or engineering field
- Minimum of 15 years of related experience
- Demonstrated SME-level expertise in integrating cybersecurity requirements into acquisition, modernization, and sustainment activities.
- U.S. Citizenship required; Active Top Secret clearance with a Single Scope Background Investigation (SSBI) within the last 5 years and eligibility for SCI access.
- Must hold, or be able to obtain within six months of hire, a DoD 8140/8570 certification at the IAT, IAM, IASAE, or CSSP level appropriate for assigned duties.

Preferred Qualifications include:
- Master's degree in a related discipline
- Air Force or DoD weapons system platform experience (KC-46, C-17, or similar)
- Experience leading or providing senior advisory support for Risk Management Framework (RMF) compliance and accreditation processes.
- Proven track record providing cybersecurity risk management for defense systems across the platform lifecycle.
- Active TS/SCI

Applicant selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

COLSA Corporation is an Equal Opportunity Employer, Minorities/Females/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.

The salary range, if referenced, represents a good faith estimate. COLSA considers various factors when determining base salary offers, including, but not limited to, location, the role, function and associated responsibilities, a candidate's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. COLSA offers a comprehensive and customizable benefits program which includes Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, Accidental Death & Dismemberment, Supplemental Income Protection Programs, 401(k) with company match, Flexible Spending Accounts, Employee Assistance Program, Education & Certification Reimbursement, Employee Discount Program, Paid Time Off and Holidays.

This position will be posted for a minimum of 3 business days. If a candidate has not been selected at that time, it will continue to be posted until a suitable candidate is selected or the position is closed.