Senior Cybersecurity Specialist

PhalanxGriffon (PG) is a toppriority, openarchitecture airborne node that stitches warfighter data into theDAFBATTLENETWORK. AsSeniorCybersecurity Specialist, you will be the program's authority on securing Nomad hardware, Smith software, and Watch operations throughoutMajorRelease2 (FY2527). Your zerotrust designs, continuousATO tooling, and crossdomain safeguards will decide when PG can fly-and fight-in contested environments.

Essential Job Functions

Cyber Strategy & Governance

* Own the PGCybersecurity Strategy, System Security Plan (SSP), and Plan of Action & Milestones (POA&M).
* Align all efforts with NIST80053, CNSSI1253, and AirForce ZeroTrust Reference Architecture.
* Chair cyber risk boards; brief metrics & burndowns to SES/GO stakeholders.

RMF & Continuous ATO

* Lead the PGRisk Management Framework (RMF)process from categorization through authorization; shepherd artifacts in eMASS.
* Stand up automated compliance scans (ACAS, SCAP, Nessus, Tanium) integrated with the DevSecOps pipeline; deliver continuousATO dashboards.

Secure DevSecOps & SupplyChain Risk

* Embed SBOM analysis, container hardening, and codesigning into Smith's 90day software release cadence.
* Evaluate thirdparty components for supplychain threats; drive mitigations and waivers.

CrossDomain & Crypto Engineering

* Develop guard rulesets and dataflow enforcement forMultiLevel Security (MLS)crossdomain solutions.
* Coordinate Type1 crypto keymanagement plans with NSA; author KOV11 / SKL handling procedures.

Vulnerability Management & Incident Response

* Conduct penetration tests and redteam exercises on IntegrationSIL builds; track findings to closure.
* Draft and rehearse PGspecific incidentresponse/huntforward playbooks for Watch operations.

Platform & FlightTest Support

* Generate "cyber annexes" for AFForm1067s, SafetyofFlight packages, and Interim Authorizations To Test (IATT).
* Deploy secure configs on flight hardware; provide onsite cyber assurance during ground & flight events.

Mentorship & Culture

* Coach engineers on securebydesign principles, STIG implementation, and zerotrust concepts.
* Foster a DevSecOps, failfast mindset inside classified environments.

Required Skills:

Due to the sensitivity of customer related requirements, U.S. Citizenship is required.

B.S. in Cybersecurity, Computer Science, InformationSystems, or related field (M.S. preferred) and 12+yearssecuring DoD or IC C4ISR/avionics systems; at least 5years as the lead cybersecurity engineer or ISSM.

ActiveTS/SCIclearance.

Handson mastery ofRMF, NIST80053, DISA STIGs, SCAP/ACAS, and eMASS workflows.

Experience designing or accreditingcrossdomain solutions and Type1 cryptoarchitectures.

Working knowledge of container security, IaC (Ansible/Terraform), and DevSecOps pipelines (PlatformOne, IronBank).

Desired Skills:

DoD 8570/8140IAM/IASAE LevelIIIcertification (CISSPISSEP, CISM, GSLC, etc.).

Prior involvement inABMS, CJADC2, OMS/UCI, or tactical datalinkprograms.

Familiarity with zerotrust enforcement for SATCOM, SDR, and softwaredefined networking environments.

Redteam / pentest credentials (OSCP, GXPN, CEH) and experience authoring mitigations.

Agile/Scrum or SAFe certification.