Macpower Digital Assets Edge
Senior Cyber Security Specialist - Active TS/SCI
Macpower Digital Assets Edge, Dayton, Ohio, United States, 45444
JOB SUMMARY:
Our client is looking for Senior Cybersecurity Specialist having Active TS/SCI clearance to work on an open-architecture airborne node that stitches warfighter data into the
DAF Battle Network (DAF BNET). s
Senior Cyber Security Specialist , you will be the program's authority on securing Nomad hardware, Smith software, and Watch operations throughout Major Release. Your zero-trust designs, continuous-ATO tooling, and cross-domain safeguards will decide when PG can fly-and fight-in contested environments. ESSENTIAL JOB FUNCTIONS: Cyber Strategy & Governance:
Own the
PG
Cybersecurity Strategy, System Security Plan (SSP), and Plan of Action & Milestones (POA&M) . lign all efforts with NIST 800-53, CNSSI 1253, and Air Force Zero-Trust Reference Architecture. Chair cyber risk boards; brief metrics & burn-downs to SES/GO stakeholders. RMF & Continuous ATO:
Lead the
PG Risk Management Framework (RMF)
process from categorization through authorization; shepherd artifacts in eMass. Stand up automated compliance scans (ACAS, SCAP, Nessus, Tanium) integrated with the DevSecOps pipeline; deliver continuous-ATO dashboards. Secure DevSecOps & Supply-Chain Risk:
Embed S-BOM analysis, container hardening, and code-signing into Smith's 90-day software release cadence. Evaluate third-party components for supply-chain threats; drive mitigations and waivers. Cross-Domain & Crypto Engineering:
Develop guard rulesets and data-flow enforcement for
Multi-Level Security (MLS) cross-domain solutions
. Coordinate Type-1 crypto key-management plans with
NSA ; author KOV-11 / SKL handling procedures. Vulnerability Management & Incident Response:
Conduct penetration tests and red-team exercises on Integration SIL builds; track findings to closure. Draft and rehearse PG-specific incident-response/hunt-forward playbooks for Watch operations. Platform & Flight-Test Support:
Generate "cyber annexes" for AF Form 1067s, Safety-of-Flight packages, and Interim Authorizations to Test (IATT). Deploy secure configs on flight hardware; provide on-site cyber assurance during ground & flight events. Mentorship & Culture Coach engineers on secure-by-design principles, STIG implementation, and zero-trust concepts. Foster a DevSecOps, fail-fast mindset inside classified environments. Required Skills:
ctive TS/SCI clearance. B.S. in Cybersecurity, Computer Science, Information Systems, or related field and
15+ years
securing DoD or IC C4ISR/avionics systems; at least 5 years as the lead cybersecurity engineer or ISSM or a Masters plus 12 years of experience. Hands-on mastery of
RMF, NIST 800-53, DISA STIGs, SCAP/ACAS , and
eMass workflows . Experience designing or accrediting
cross-domain solutions and Type-1 crypto
architectures. Working knowledge of container security, IaC (
nsible/Terraform ), and DevSecOps pipelines (Platform One, Iron Bank). Desired Skills:
DoD 8570/8140 IAM
/IASAE Level III
certification (
CISSP-ISSEP, CISM, GSLC
, etc.). Prior involvement in ABMS
, CJADC2, OMS/UCI, or tactical data-link
programs. Familiarity with zero-trust enforcement for SATCOM, SDR, and software-defined networking environments. Red-team/pen-test credentials (OSCP, GXPN, CEH) and experience authoring mitigations. gile/Scrum or SAFe certification.
DAF Battle Network (DAF BNET). s
Senior Cyber Security Specialist , you will be the program's authority on securing Nomad hardware, Smith software, and Watch operations throughout Major Release. Your zero-trust designs, continuous-ATO tooling, and cross-domain safeguards will decide when PG can fly-and fight-in contested environments. ESSENTIAL JOB FUNCTIONS: Cyber Strategy & Governance:
Own the
PG
Cybersecurity Strategy, System Security Plan (SSP), and Plan of Action & Milestones (POA&M) . lign all efforts with NIST 800-53, CNSSI 1253, and Air Force Zero-Trust Reference Architecture. Chair cyber risk boards; brief metrics & burn-downs to SES/GO stakeholders. RMF & Continuous ATO:
Lead the
PG Risk Management Framework (RMF)
process from categorization through authorization; shepherd artifacts in eMass. Stand up automated compliance scans (ACAS, SCAP, Nessus, Tanium) integrated with the DevSecOps pipeline; deliver continuous-ATO dashboards. Secure DevSecOps & Supply-Chain Risk:
Embed S-BOM analysis, container hardening, and code-signing into Smith's 90-day software release cadence. Evaluate third-party components for supply-chain threats; drive mitigations and waivers. Cross-Domain & Crypto Engineering:
Develop guard rulesets and data-flow enforcement for
Multi-Level Security (MLS) cross-domain solutions
. Coordinate Type-1 crypto key-management plans with
NSA ; author KOV-11 / SKL handling procedures. Vulnerability Management & Incident Response:
Conduct penetration tests and red-team exercises on Integration SIL builds; track findings to closure. Draft and rehearse PG-specific incident-response/hunt-forward playbooks for Watch operations. Platform & Flight-Test Support:
Generate "cyber annexes" for AF Form 1067s, Safety-of-Flight packages, and Interim Authorizations to Test (IATT). Deploy secure configs on flight hardware; provide on-site cyber assurance during ground & flight events. Mentorship & Culture Coach engineers on secure-by-design principles, STIG implementation, and zero-trust concepts. Foster a DevSecOps, fail-fast mindset inside classified environments. Required Skills:
ctive TS/SCI clearance. B.S. in Cybersecurity, Computer Science, Information Systems, or related field and
15+ years
securing DoD or IC C4ISR/avionics systems; at least 5 years as the lead cybersecurity engineer or ISSM or a Masters plus 12 years of experience. Hands-on mastery of
RMF, NIST 800-53, DISA STIGs, SCAP/ACAS , and
eMass workflows . Experience designing or accrediting
cross-domain solutions and Type-1 crypto
architectures. Working knowledge of container security, IaC (
nsible/Terraform ), and DevSecOps pipelines (Platform One, Iron Bank). Desired Skills:
DoD 8570/8140 IAM
/IASAE Level III
certification (
CISSP-ISSEP, CISM, GSLC
, etc.). Prior involvement in ABMS
, CJADC2, OMS/UCI, or tactical data-link
programs. Familiarity with zero-trust enforcement for SATCOM, SDR, and software-defined networking environments. Red-team/pen-test credentials (OSCP, GXPN, CEH) and experience authoring mitigations. gile/Scrum or SAFe certification.