
Cybersecurity Principal

Astrion
United States, Massachusetts, Bedford
Feb 27, 2026
Overview

CYBERSECURITY SME

LOCATION: Hanscom AFB, Bedford MA

Salary Range: $175-$200,000 annually

JOB STATUS: Full-time

CLEARANCE: Top Secret/SCI

Astrion has an exciting opportunity for a Cybersecurity SME located at Hanscom AFB in Bedford, Massachusetts, in the C3I and Infrastructure Division (AFLCMC/HNI), which focuses on providing enterprise support to over 110 active Air Force, Air National Guard (ANG), and Air Force Reserve installations and bases. The Network Services Professional will provide network services in support of the Base Information Transport Infrastructure (BITI) programs.

REQUIRED QUALIFICATIONS / SKILLS:

  • Must have and be able to maintain an active Top Secret clearance
  • Must be a U.S. Citizen
  • Master's or Doctorate Degree in a related field and at least 20 years of experience in the respective technical / professional discipline being performed, 12 years of which must be in the DoD
  • OR, Bachelor's Degree in a related field and 25 years of experience in the respective technical/professional discipline being performed, 15 years of which must be in the DoD
  • OR, 30 years of directly related experience with proper certifications as described in the PWS labor category performance requirements, 20 years of which must be in the DoD.

RESPONSIBILITIES:

ISSM duties include but are not limited to:

  • DoDD 8140 compliant IAM Level III certification, such as the Global Information Assurance Certification, Security Leadership Certification, Certified Information Security Manager and/or CISSP is required.
  • Support implementation of the RMF.
  • Perform the ISSM duties as outlined in DoDI 8510.01 and DoDI 8500.01 for assigned systems/applications.
  • Develop and maintain a formal Information Systems security program and policies for their assigned area of responsibility.
  • Support the system/application A&A effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., RMF).
  • Ensure proper measures are taken when an Information System incident or vulnerability is discovered.
  • Maintain and report IS and Platform Information Technology systems assessment and authorization status and issues in accordance with DoD Component guidance.
  • Provide direction to the ISSO in accordance with DoDI 8500.01.
  • Ensure that ISSOs are appointed in writing and provide oversight to ensure they are following established cybersecurity policies and procedures.
  • Coordinate with the organization's security manager to ensure issues affecting the organization's overall security are addressed appropriately.
  • Ensure that Information Owners and stewards associated with DoD information received, processed, stored, displayed, or transmitted on each DoD Information Systems and Platform Information Technology system are identified in order to establish accountability, access approvals, and special handling requirements.
  • Maintain a repository for all organizational or system-level cybersecurity-related documentation.
  • Monitor compliance with cybersecurity policy, as appropriate, and review the results of such monitoring.
  • Ensure that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations.
  • Ensure implementation of Information System security measures and procedures, including reporting incidents to the AO and appropriate reporting chains, and coordinating system-level responses to unauthorized disclosures in accordance with DoDM 5200.01, Volume 3, DoD Information Security Program: Protection of Classified Information or DoDI 5200.48, Controlled Unclassified Information (CUI), respectively.
  • Ensure handling of possible or actual data spills of classified information resident in ISs is conducted in accordance with DoD 5200.01, Volume 3.
  • Act as the primary cybersecurity technical advisor to the AO for DoD Information Systems and Platform Information Technology systems under their purview.
  • Ensure that cybersecurity-related events or configuration changes that may impact DoD Information Systems and Platform Information Technology systems authorization or security posture are formally reported to the AO and other affected parties, such as IOs and stewards and AOs of interconnected DoD Information Systems.
  • Ensure the secure configuration and approval of IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to a DoD Information System or Platform Information Technology system.
  • Ensure that ISSOs author, monitor, and record system information in applicable databases. Prepare and record system, security status, and portfolio management information into the EITDR for Federal Information Security Management Act; Security, Interoperability, Supportability, Sustainability, Usability; Clinger Cohen Act; and other statutory compliance.
  • Author, review, certify, and/or maintain IA and security management plans to include RMF Implementation Plans, System Security Management Plans, Information Support Plans, PPPs, Security Risk Analyses, Security Vulnerability and Countermeasure Analyses, Security Concepts of Operations, OPSEC Plans, and other system/network security related documents.
  • Perform ISSM/ISSO duties as outlined in DoDI 8510.01 for assigned systems/applications.
  • At the initiation of the period of performance and throughout the period of performance of the contract, the Contractor shall ensure that, as a minimum, 100% of the total labor provided to deliver cybersecurity services is certified in accordance with DoDD 8140 standards.

ADDITIONAL DUTIES:

  • The Contractor shall ensure personnel performing cybersecurity activities obtain, and remain current with, technical and/or management certifications to ensure compliance as directed by DoD 8140.02 and outlined in DoD 8570.01-M, Appendix 3, Table 2 2, and AFMAN 17-1303.

  • The Contractor shall ensure that all system deliverables comply with DoD and Air Force cybersecurity policy, specifically DoDI 8500.01 and AFI 17-130, Air Force Cybersecurity Program Management.

  • To ensure that cybersecurity policy is implemented correctly on systems, Contractors shall ensure compliance with DoD and Air Force Certification and Accreditation policies, specifically DoDI 8510.01 and AFI 17-101, the Risk Management Framework (RMF) for Air Force Information Technology.

  • The Contractor shall support activities and meet the requirements of DoDI 8520.02 in order to achieve standardized, PKI supported capabilities for biometrics, digital signatures, encryption, identification and authentication.

  • The Contractor shall ensure that all application deliverables are compliant with Public Law 111-383, which states the general need for software assurance.

  • The Contractor shall ensure that all application deliverables comply with DISA Application Security Development Security Technical Implementation Guide which includes the need for source code scanning to mitigate vulnerabilities associated with SQL injections, cross-site scripting, and buffer overflows.
