Security Engineer

USfalcon Inc provides integrated technology solutions worldwide to Department of Defense clients in the areas of C4ISR Operations, Aerospace mission support, Engineering, Information Technology, Logistics and Training. It has been recognized as one of the fastest growing privately held companies in the United States. USfalcon has offices in Morrisville, NC, Reston, VA, Colorado Springs, CO, Huntsville, AL and Newport News, VA.

**Duties:** - Support the preparation, review and analysis of engineering reports, test plans, test reports and other data, including specifications, in the areas of gas turbine engine propulsion systems and their related components, electronic controls, diagnostics and software. - Evaluate systems test plans and participate in the conduct of system, subsystem and component level testing. - Support translating user requirements into system requirements, which will be used to design, develop, fabricate, test and evaluate systems, subsystem and equipment for eventual fielding and deployment. - Perform technical/mission analyses of existing and future operational requirements, assists in developing system concepts and perform technological/trade-off assessments of proposed designs/modifications. - Assist with developmental planning support in evaluation of the military mission to be accomplished and any related requirements documentation. - Review and analyze proposals, including regulatory and other policy driver changes or proposed modifications for design feasibility and system compatibility. - Support and conduct systems analyses to include system design/design feasibility and state-of-the-art assessment. - Assist Contracting by performing technical evaluations of contractor proposal submissions prior to placing Engineering Changes on contract. - As required, assist, review, and provide recommendations for AFIs and other policy documents. - Perform professional security engineering work involved in the application of advanced theories, concepts, principles, and processes to the acquisition, development, or sustainment of propulsion systems and subsystems. - Provide acquisition planning and advisory support for developing contract requirements and assessing nonfederal information systems (i.e., defense contractor networks) processing classified and controlled unclassified data. - Assist in developing and processing program DD Forms 254 and security classification guides. - Review and make technical recommendations regarding critical technologies requiring protection, Program Protection Plans (PPP), and AT plans, techniques, threats/vulnerabilities, risks, and results. - Review and/or document Critical Program Information/Critical Technology (CPI/CT) lists . - Assist in identifying CPI as well as developing and executing PPPs and AT plans. - Monitor and evaluate AT efforts for impacts to the program and provide recommendations to the Chief Engineer and Program Manager; interact with defense community AT experts, identify and address horizontal protection issues and coordinate program AT activities with Air Force and DoD AT Executive Agents and the Air Force AT Validation and Verification Team. - Evaluate designs and proposed implementation solutions to defend critical networks against malicious and non-malicious exploitation throughout the full acquisition lifecycle of portfolio programs. - Evaluate threat data and develop residual risk recommendations and mitigations to senior DoD and AF leadership based on identification and analysis of weapons vulnerabilities. - Identify and document threats, vulnerabilities, attack scenarios, impacts if exploited, and likely timelines for exploitation. - Inform Program Managers and Chief Engineers to enable program accreditation, airworthiness certification, and milestone decisions. - Support remote site, site visits, site audits, design reviews and engineering implementation reviews of network architectures. - Advise and assist in applying the principles, criteria, and procedures of DoDI 8500.01, Cybersecurity and DoDI 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT). These may include DCID 6/3, JAFAN/6/3, NIST 800-53, Life Cycle Management Center Technical Process for Platform Information Technology Certification and Accreditation, and/or directives/guidance identified in the PPP. - Execute the Information Assurance (IA) Risk Management Framework (RMF) to support Certification and Accreditation (C&A) of assigned systems including generating required artifacts such as Interim Authority to Test (IATT), Interim Authority to Operate (IATO), and Authority to Operate (ATO) packages as well as associated reports and presentations. - Additional duties as assigned.

**Preferred Qualifications:** - Proficient in Microsoft Office applications (e.g., Word, PowerPoint, Excel, Access, and Outlook). - Experience with Propulsion Office SOCCER system, AFMC SOCCER automated suspense tracking system, etc.