Torch Technologies
Thank you for your interest in employment with Torch Technologies. We are a 100% employee-owned, Certified Great Place To Work and named Best Places to Work in Huntsville/Madison County, headquartered in Huntsville, AL. Our team provides superior research, development, and engineering services to the Federal Government and Department of War. As one of the nation’s top 100 defense companies, the services we provide directly support the men and women who serve our country. Our corporate mission sums up the pride our employee-owners take in the work we do: “Lighting the Pathway of Freedom”. And, as a Certified Evergreen ESOP, we have made the commitment to grow and sustain our company for the next 100 years! Come grow with us!
Torch Technologies has an exciting opportunity for a Cybersecurity Engineer, Principal (ISSE) located Kettering, OH (Dayton/WPAFB area) to support our EPASS GB contract. As part of the AFLCMC/GB Business and Enterprise Systems Directorate (BES), FLITES is a new system within the AF to manage Item Master data. The FLITES will provide comprehensive Item Catalog and Provisioning functions for the Logistics business systems, and will replace the Item Management Control System (IMCS) suite of legacy systems, at a minimum. FLITES will be the central repository for the Item core business objects, providing standardization of Item cataloging processes, structure, attributes, propagation, and standardized views for all applicable Item types. Additionally, FLITES will receive product structure input from an engineering Product Lifecycle Management (PLM) type system. Foundational Logistics Information Technology Enterprise System (FLITES) is the Item data as a core underlying need for each Capability Initiative (CI), and as such will integrate with many logistics enterprise systems. The Air Force wants to rapidly modernize its enterprise logistics systems, most of which require Item data. The new FLITES will provide essential functionality of the legacy IMCS more efficiently and effectively in addition to implementing new functionality as described below. Without this support to the Program Management Office (PMO) under GBS, the Government would not be able to complete the required documentation, reporting, and program management support required for a Business Acquisition Category (BCAT) II program. This system will have high visibility following the 5000.75 process.
As a Cybersecurity Engineer, Principal (ISSE) your duties will include the following, but are not limited to:
Provide the PMO/Capability Development Manager (CDM) cybersecurity support per DoDI 8500.01.
Assessing and continuously monitoring cybersecurity risk ensuring that legacy and new capabilities adhere to enterprise standards such as Risk Management Framework (RMF), Cybersecurity Framework (CSF), and National Institute of Standards and Technology (NIST) and per Authorization Official’s Information System’s Continuous Monitoring (ISCM) strategy.
Employs best practices when implementing security controls, including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques. The ISSE coordinates their security-related activities with the information security architect,, ISSM, ISSO, ISO, and common control provider.
Completes training and maintain certification IAW AFI 17-1303. Duties performed by the ISSE may include but not limited to the following:
Completes and maintains required cybersecurity certification IAW AFMAN 17-1303;
Ensures all AF IT cybersecurity-related documentation is current and accessible to properly authorized individuals;
Supports the PM or ISO in maintaining current authorization to operate, approval to connect (if required), and implementing corrective actions identified in the plan of actions and milestones;
Coordinates, with the PM and AO staffs, development of an ISCM strategy and monitors any proposed or actual changes to the system and its environment;
Continuously monitors the IT and environment for security-relevant events;
Assesses proposed configuration changes for potential impact to the cybersecurity posture;
Assesses the quality of security controls implementation against performance indicators;
Ensures cybersecurity-related events or configuration changes that impact AF IT authorization or adversely impact the security posture are formally reported to the AO and other affected parties, such as IOs, stewards, and AOs of interconnected IT;
Ensures all ISSOs and privileged users receive necessary technical training and obtain cybersecurity certification IAW AFMAN 17-1301, Computer Security (COMPUSEC), AFMAN 17-1303, and maintain proper clearances IAW DoDI 8500.01; and,
Ensures the AF IT is acquired, documented, operated, used, maintained, and disposed of properly IAW DoDI 5000.02 and DoDI 8510.01.
Job Requirements
U.S. Citizenship
Bachelor’s degree in a related field and 10 years of experience in the respective technical/professional discipline being performed.
Must have and maintain an active T3/ Secret security clearance.
Possess experience providing guidance on the following to include, but not limited to: Access control , Configuration management, System and communications protection, Contingency planning. Incident handling, System and information integrity.
Security and privacy training and awareness; and, Software development activities, software and tools related to Cybersecurity
Experience performing cybersecurity duties as outlined in DoDI 8500.01, AFI 17-130, and AFI 17-1301 for assigned AF IT.
Experience validating, evaluating and analyzing finding results and developer adjudications using automated testing tools, e.g., Fortify, Checkmarx, SonarQube, and AppScan.
Experience utilizing DoD tracking systems to input/document cybersecurity deficiencies, vulnerabilities, and change requests in the appropriate tracking system for each program, e.g., Jira, HP ALM, and eMASS.
Experience with conducting information security continuous monitoring (ISCM) by maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions IAW approved ISCM strategy.
At a minimum, the successful candidate will meet the requirements for and maintain a personnel certification associated with the DCWF Information Systems Security Developer work role (631) at an advanced (principal) proficiency level as outlined in DoDI 8510.01, AFMAN 17-1305 and AFI 17-101 for assigned systems/applications:
FITSI FITSP-D - Required
GIAC GCSA
(ISC)2 CISSP-ISSEP
Preferred Qualifications:
Certified SCRUM Master
Other Agile Certifications
Working knowledge of the Agile Development methodology
Experience using any, or all, of the following tools (Desired): CheckMarx, SonarQube, Mavin, Fortify, Jira, Confluence, and BitBucket.
Schedule: M-F; 8-5
Work Location: Kettering, OH
Travel: Yes, 0-10%
Relocation Assistance Available: No
Position Contingent Upon Award of Contract: No
#LI-EW1
Benefits:
Torch Technologies is proud to offer a stable and professional work environment, a competitive salary, and an excellent, comprehensive benefit package including: ESOP participation, 401(k) match and safe-harbor contribution, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, Health Saving Accounts and Health Reimbursement Accounts, EAP, education assistance, paid time off, and holidays.
Applying to Torch Technologies:
Only those candidates invited for an interview will be contacted. Employment at Torch Technologies is contingent upon the successful completion of a comprehensive background check.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, citizenship, ancestry, marital status, protected veteran status, disability status or any other status protected by federal, state, or local law. Torch Technologies, Inc. participates in E-Verify.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access Careers Link as a result of your disability. You can request reasonable accommodations by sending an email to [email protected]. Thank you for your interest in Torch Technologies.
Skills Required
- Bachelor's degree in a related field and 10 years of experience
- Active T3/Secret security clearance
- Experience with cybersecurity duties as outlined in DoDI 8500.01, AFI 17-130, and AFI 17-1301
- Experience validating and analyzing findings with automated testing tools like Fortify and Checkmarx
- Experience using DoD tracking systems like Jira and HP ALM
- FITSI FITSP-D certification
- GIAC GCSA certification
- (ISC)2 CISSP-ISSEP certification
What We Do
Founded in October 2002, Torch is a 100% employee-owned business headquartered in Huntsville, Alabama. Our commitment to our employees results in a retention rate well over 90% and helps ensure our customers experience a stable work force. Our outstanding fringe benefits package helps recruit, retain and sustain our workforce. Torch has received national and local recognition for its business performance, workplace environment, and ethical business practices. In 2021, Torch was named one of the Best Workplaces in Consulting & Professional Services for the sixth year by Great Place to Work. Torch was also recognized as the 2021 ESOP Company of the Year by the New South Chapter of The ESOP Association for a second time. Torch was a recipient of the 2021 James S. Cogswell Outstanding Industrial Security Achievement Award by the DCSA. Bloomberg Government also listed Torch in its annual “Top 200” for the fifth year. In 2020, Torch became the only four-time recipient of the Better Business Bureau’s Torch Award for Business Ethics in the North Alabama region. Great Place to Work named Torch one of the country’s Best Workplaces for Parents, and Great Place to Work and Fortune named Torch one of the country’s Best Workplaces for Millennials in 2020. Torch was also ranked on the Inc. 5000 list for the fourteenth consecutive year in 2020. Washington Technology listed Torch in its “Top 100” Government Contractors ranking for the sixth consecutive year. Torch was also selected for a 2020 Colorado Springs Business Journal “Best in Business” award. In 2019, Torch was ranked on the Entrepreneur 360 list for the third consecutive year. In 2018, Great Place to Work and Fortune magazine named Torch a Best Medium Workplace for the third consecutive year. Torch was also named a winner of the 2018 Best Places to Work in Huntsville award for the fifth time. In 2016, Torch was named one of America’s Best Small Companies by Forbes.
