Principal Cyber Security Engineer - 25619 in Orlando, FL at Alion Science and Technology

Date Posted: 6/16/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Orlando, FL
  • Job Type:
    Engineering
  • Experience:
    Not Specified
  • Date Posted:
    6/16/2018
  • Job ID:
    25619

Job Description



Responsibilities/Qualification

Position Summary

The Principal Cyber Security Engineer serves as the Chief, NCRC Academics and CSET Division.  The Principal Cyber Security Engineer works under supervision of the Program Manager (PM), National Cyber Range Complex (NCRC). As Chief, NCRC Academics and CSET Division, the Principal Cyber Security Engineer directs three branches and a team of 125-175 cyber training staff that includes educators and teachers (Blue Force), opposing forces and cyber exploitation staff (Red Force) and observers and umpires (White Force) operating simulation-driven cyber exercises.  Events range in size and scale from national and theater through small unit level for US armed forces and other US and allied organizations. In conjunction with the PM, establishes training and education tactics, techniques, and policies (TTPs) necessary to effectively accomplish NCRC objectives.  Work is reviewed in terms of fulfillment of exercise objectives, effect of advice on exercise enhancements, and influence on the overall exercise and cyber event program.

Duties and Responsibilities          

The Principal Cyber Security Engineer  leads a team of cyber subject matter experts (SMEs) preparing the next generation of cyber warfigher for DoD and the armed forces; the Division Chief oversees the design of cyber training scenarios, evaluates the effectiveness of the individuals performing the training and measures and scores the success of the scenarios selected.  The division consist of three branches, a Red Force, Blue Force, and White Force. The Red Force or OPFOR provides a team of cyber exploitation experts with specialty skills in offensive, defensive, exploitation and hacking tactics and techniques. They are responsible for preparing complex scenarios to penetrate and attack training networks in pre-planned scenarios. Blue Force trainers provide live and virtual student training at all levels on the use and implementation of cyber-tools, processes and techniques. White Force members serve as evaluators and judges throughout a cyber-exercise or event. They score both the team members being trained against minimum satisfactory scores and metrics and the effectiveness of the Red and Blue Forces are scored with a view toward improving their scenarios and training techniques for future events.

  • Oversees the cyber training program to include developing, implementing, enforcing and teaching communicating security TTPs to include policies or plans for data, software applications, hardware, telecommunications and information systems.
  • Leads the implementation of new security solutions, and creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as oversees vulnerability audits and assessments performed by students against the training network
  • Designs vulnerability assessments, penetration tests and security audits and provides recommendations for application design.

Coordinates and integrates the diverse, highly technical, professional, and interlocking work performed by contractors leading to complete exercise support packages consisting of exercise and simulation control plans, an exercise analysis collection management plan, a complete classified exercise database, video teleconferencing, and complex, electronically linked, battle simulation systems distributed to remote sites over multiplexed, dynamic alternate routing, and secure data communication circuits. Accommodates schedule and priority changes directed by higher officials by redirecting the work of contractors and coordinating the impact of the redirection with affected external agencies. Makes major decision real-time and takes actions, which have a direct and substantial effect on the combat readiness of supported organizations and exercise/training programs.

  • Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research.
  • Oversees development new systems, applications, and solutions for NCRC enterprise-wide cyber-systems and networks to improve training and exercise events
  • Ensures the logical and systematic conversion of exercise requirements into total training solutions that acknowledge technical, schedule, and cost constraints

The contractor work force may consist of senior officers, potentially general officers, retired colonels, and numerous retired field grade (04/05) officers. Supervises/oversees the effort of senior-level (06) officers during the execution of exercises and testing events. During these theater-level exercises, establishes, equips, mans, and links via a wide area network multiple simulation centers that could be located in Korea/Japan, Germany, Fort Hood/Fort Lewis, and Hawaii or Alaska. Determines long range work plans and schedules of subordinates, establishes and manages internal control procedures, and is responsible and accountable for meeting goals, objectives, and deadlines. Makes decisions on work problems presented by subordinate supervisors and establishes priorities. Collaborates with heads of other units to negotiate, decide on, and/or coordinate work-related changes affecting them. Advises higher officials on problems involving the relationship of the unit supervised to broader programs and the impact on those programs. Evaluates subordinate supervisors and serves as second level reviewer on evaluations of employees rated by subordinate supervisors. Makes selections for supervisory and non-supervisory positions in the NCRC CSET Division. Hears and resolves group grievances and serious employee complaints including those not resolved at a lower level and reviews and approves serious disciplinary actions, such as suspensions and removals, involving employees of the unit. Evaluates training needs and requests of employees in the unit and decides on training to be undertaken.

  • Recommends new architectural features into existing training environment and network infrastructures, designs cyber security architectural artifacts, providing architectural analysis and relates existing system to future needs and trends.
  • Embeds forensic tools and techniques for attack reconstruction, provides engineering recommendations, and resolves integration/testing issues.
  • Participates in the creation and enforcement of enterprise security documents (policies, standards, baselines, guidelines and procedures). Maintains documentation, procedures and working instructions in accordance with armed services TTPs and federal and departmental guidelines.
  • Analyze logs and reports and interprets the implications post events. Participates in investigations into problematic activity and assists with plans for appropriate resolution.
  • Performs additional duties and responsibilities as required.

Education and Experience

Master’s degree in Information Assurance, Computer Science, or a related field plus 10 to 12 years of related experience.  An Information Assurance certification in compliance with DoD 8570 (e.g. Security+) is required. Retired military officer with senior service preferred.

In some cases, educational requirements may be adjusted or waived for comparable work experience. Work experience may be adjusted for highly specialized knowledge or uniquely applicable experience for positions involving new technology or labor market shortages as reflected by market survey data.

Knowledge, Skills, Abilities

Demonstrated command of engineering of principles, methods, and techniques in data security and system development.

Experience at any level working within a military service simulation center highly preferred: Korea/Japan, Germany, Virginia, Fort Hood/Fort Lewis, Hawaii and Alaska (National Simulation Center, Fort Leavenworth, KS; Joint Warfighting Center, Fort Monroe, VA; Joint Multinational Simulation Center, Grafenwoehr, Germany; Gaming and Simulation Facility, Camp Smith, HA; ROK Army Battle Command Training Program, Yongsan, Korea; Warfighter Simulation Center, Germany; Marine Corps Battle Simulation Center, Quantico, VA).

An active TS/SCI security clearance is required.

Expert knowledge of secure operating systems as well as data security.

Excellent customer and organizational level communication, presentation and interpersonal skills.



Diversity Statement

Women, minorities, individuals with disabilities and veterans are encouraged to apply.  Alion will provide a reasonable accommodation to individuals with disabilities and disabled veterans who need assistance to apply.  Please visit the Alion Careers site for more information

U.S. Citizenship Required.

Next Steps

Join Our Talent Network

Join Our Talent Network

Join the Alion Science and Technology Corporation Talent Network today and stay up-to-date on our openings as they continue to become available! As a member of our network, you will receive alerts with new job opportunities that match your interests and have the ability to share job opportunities through social media or email. Join now!

Whether you choose to apply or just leave your information, we look forward to staying connected
with you.