Subsidiary: KIRA Information Solutions

Job Title: Information System Security Engineer (ISSE)

Job Location: Hybrid-Position working with Wright-Patterson Air Force Base, Dayton, OH Labor Category: Exempt

Clearance Requirement: Secret Clearance, if required

In-person Requirement: As needed, meet in Dayton OH w/ key personnel or Customer

Travel Requirement: Minimal, as needed

Salary: $120,000- $180,000

Tlingit Haida Tribal Business Corporation (THTBC) is a family of 8(a), HUBZone, SDB, and other companies wholly- owned by the largest tribe in Alaska. Each of its wholly- owned 30+ subsidiaries are uniquely qualified to deliver value to its customers and teaming partners. For over 30 years, THTBC has operated as a trusted US Federal contractor throughout the US and worldwide. As a Native Alaskan, Tribally- Owned business, THTBC has a competitive edge unique in the US Federal Government contracting space, including access to US Government directed sole source contracts. THTBC delivers outstanding service with innovative, low-cost contract solutions to all its public and private sector customers worldwide.

THTBC is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran’s status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law.

Scope of Work:

This position is working with the government and may require secret clearance and/or security plus certification. The government program office is Wright Patterson AFB, Dayton, Ohio. The development and support team are geographically dispersed, and teleworking is our daily working protocol, however, on-site support for meetings may be required. The program requires highly qualified, self-motivated, proactive people who work well with others with limited supervision.

Essential duties:

The Information Systems Security Engineer (ISSE) will be responsible for the day-to-day security operations of all of the ETIMS systems. The ISSE will be responsible for ensuring the full compliance and appropriate operational security posture set to current Federal, CNSS, DoD, USAF, and NIST standard including but not limited to standards included in the programs Performance Work Statement. CyberSecurity for all information systems will be maintained and documented by the ISSE. The ISSE will run vulnerability scans, as required in systems such as Checkmarx and CAST, etc. In addition to implementing and maintaining the aforementioned policies, they shall support the creation and maintenance of Plans of Action and Milestones (POA&M) in response to vulnerabilities identified during scans, risk assessments, audits, and inspections. This responsibility includes physical and environmental protection, access control, incident handling, security training, vulnerability and compliance management, configuration management, and the assistance in the development of security policies and procedures. The ISSE [RD2] [KG3] assures successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization’s mission and goals. The ISSE shall ensure that all application deliverables comply with the hosting environment’s Application Security & Development Security Technical Implementation Guide (STIG), which includes the need for source code scanning, the Database STIG, and a Web Penetration Test to mitigate vulnerabilities associated with (Structured Query Language) SQL injections, cross-site scripting, and buffer overflows.

The appointed ISSE will work for and in close collaboration with the Government appointed ISSM/E. Our ISSE will perform duties in accordance with DoD Instruction 8510.01 and 8520.02, DoD Directive 8140.01, AFI 33-210, NIST Special Publication 800-37, and AR 25-2.

Required qualifications:

• Bachelor’s degree in engineering, science, mathematics, or a related field.
• Five years’ experience within the past 10 years, in planning simulation exercise architectures, supervising implementation of communication systems, and integration of distributed exercises.
• Five years’ experience in information technology management.
• Knowledge base with DoD Instruction 8510.01 and 8520.02, DoD Directive 8140.01, AFI 33-210, NIST Special Publication 800-37, and AR 25-2.
• Meet DoD 8570.01-M, 8140.01 Baseline Computing Environment (CE) Certification Requirements at Information Assurance Management Level II (IAM II).
• U.S. citizenship.

Preferred qualifications:

• Bachelor’s degree in Computer Science or Information Management.
• Possess an expert understanding of NIST, DoD, Air Force (AF) Cybersecurity Risk Management Framework policies, directives, instructions, manuals, and best business practices.
• Knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection and remediation tools and procedures utilizing standards-based concepts and capabilities (e.g., ACAS, MECM, ESS,etc.).
• Knowledge of disaster recovery continuity of operations plans. Knowledge of enterprise incident response program, roles, and responsibilities.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth).
• Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins. Knowledge of measures or indicators of system performance and availability.

To perform this job successfully, an individual must be able to perform all the essential duties of the position satisfactorily. The requirements are representative of the knowledge, skill, and/or ability required. Reasonable accommodation may be made to enable qualified individuals with disabilities to perform the essential functions. May be required to obtain and maintain a security clearance, including successfully completing a thorough background investigation.

If you need reasonable accommodations for any part of the employment process, please contact us and let us know the nature of your request. Requests for accommodation will be considered on a case-by-case basis.

Program Details:

This position is in support of the sustainment and modification of the United States Air Force (USAF) Electronic Technical Information Management System (ETIMS) program. ETIMS is the Air Force System of Record for Technical Order (TO) management and is the Air Force’s Enterprise Defense Business System (DBS) for managing TOs. TOs are military orders containing the authoritative procedures and instructions for operating and maintaining all U.S. Department of the Air Force equipment and systems.

ETIMS supports ~178,000 users at ~385 sites worldwide. It also supports ~60,000 eTOs, 54,000 ETIMS eTools, 14,000 paper TOs, and more than 13,000 TO libraries across the Air Force Enterprise. Agencies that rely on ETIMS for Air Force-related TOs and Computer Program Identification Numbers (CPINs) include the Army, Navy, Marines, Coast Guard, Foreign Military Sales (FMS), the National Aeronautics and Space Administration (NASA), The White House, and numerous Military Industrial Complex partners. ETIMS provides access to the official TO cataloging, managing, storing, distributing, and viewing capabilities needed by the operators and maintainers to support all Air Force weapon systems and equipment items.

ETIMS is a cloud-based enterprise system hosting Java and Windows applications accessing Oracle database in the AWS environment. The ETIMS migration to the Amazon Web Services (AWS) Air Force Cloud 1 environment and leveraging Agile Principles allows for processes to mature across the user community and enables streamlining and process improvement realized by the rapid delivery of follow-on capabilities. ETIMS has been modernized over the years to provide a fully capable Air Force enterprise TO Management system.

The Government Program Office is located at Wright Patterson Air Force Base in Dayton, Ohio. The development and support team are geographically dispersed and teleworking our daily working protocol.