Information Security / Cybersecurity Specialist

Position Summary

The INFOSEC/Cybersecurity Specialist applies advanced computer science and cybersecurity practices to design, develop, evaluate, and integrate secure computer systems and networks. The role provides information assurance, system security engineering, and integration support to internal and external customers. Responsibilities span a wide range of security functions including secure architectures, electronic data protection, network access control, encryption technologies, vulnerability and penetration analysis, and cybersecurity research.

Key Responsibilities

System Security Officer (SSO) Support

• Perform SSO duties for all ATO‑owned systems-Operations (OPS) and Facilities & Equipment (F&E)-across the entire system lifecycle.

Program Control & Governance

• Provide program control and governance management support.

Security Management Functions

• Support budget management
• Provide privacy management support
• Coordinate responses for data calls
• Support audit management activities
• Develop and maintain Standard Operating Procedures (SOPs)
• Provide policy management support

Cybersecurity Engineering & Lifecycle Support

• Support system development lifecycle activities for NAS enterprise‑level F&E‑funded cybersecurity services and OPS‑funded cybersecurity efforts.
• Support development of cybersecurity standards and policies.
• Assist with integration of NAS systems into enterprise architecture at strategic and tactical levels.

Cybersecurity Engineering & Technical Services

• Deliver cybersecurity engineering management support
• Develop cybersecurity requirements
• Support development, management, and operation of cybersecurity tools
• Provide domain subject matter expertise
• Conduct cyber engineering reviews
• Support enterprise solution development
• Support cybersecurity monitoring standards, requirements, and management

Domain Subject Matter Expert (SME)

• Serve as a primary technical advisor for cybersecurity policies, engineering approaches, and best practices across NAS enterprise-level systems.
• Translate complex cybersecurity concepts into actionable guidance for program, engineering, and leadership teams.
• Lead working groups, technical interchange meetings, and architecture reviews to ensure alignment with enterprise security standards and FAA requirements.
• Provide expert recommendations during system design, risk assessments, integration, and modernization efforts.
• Evaluate emerging cybersecurity technologies and methods, advising on applicability, feasibility, and enterprise impact.
• Mentor junior engineers and support teams by providing specialized knowledge in encryption, vulnerability management, penetration analysis, and information assurance.
• Validate cybersecurity requirements, standards, and technical documentation to ensure compliance with enterprise architecture and federal security mandates.

Qualifications

• U.S. Citizenship is required
• Must be able to obtain a Public Trust clearance
• Bachelor's degree in related field
• Minimum 2 years of relevant experience
• FAA experience a bonus

Preferred Qualifications

• Experience with encryption technologies, penetration testing, vulnerability assessments, and information assurance
• Experience supporting federal, aviation, or enterprise‑level systems
• Strong analytical, communication, and documentation skills
• Ability to collaborate with technical, program, and leadership teams