The Cybersecurity Lead at Los Angeles Air Force Base will serve as a key advisor and technical expert within the Base Cybersecurity Office (BCO), ensuring the security, operational availability, and compliance of IT systems supporting the LAAFB mission. This role involves overseeing Risk Management Framework (RMF) processes, Assessment and Authorization (A&A), vulnerability management, change management, and cybersecurity assessments in alignment with DoD, Air Force, and NIST cybersecurity policies and standards.

Key responsibilities include:

• Maintaining System Security Plans (SSP), Plans of Action and Milestones (POA&M), and other RMF documentation, ensuring updates are completed within ten workdays of any enclave changes.
• Tracking and reporting cybersecurity incidents, coordinating account management with external agencies such as 561 NOS, 83 NOS, and 690 NSS.
• Reviewing software vulnerabilities and evaluating new technology projects for security compliance.
• Leading inspection preparation efforts for Command Cyber Readiness Inspections (CCRI) and tracking Ports, Protocols, and Services Management (PPSM).
• Managing the Cyber Workforce Improvement Program (CWIP) certification tracking and overseeing analysis of malicious and suspicious emails.
• Collaborating with senior leadership, system owners, and security personnel to ensure alignment with DoD Cybersecurity Workforce Framework (DCWF) requirements while implementing best practices to mitigate threats and enhance resilience.
• Training and mentoring cybersecurity personnel, developing security policies and procedures, and ensuring compliance through continuous monitoring, audits, and reporting.

• A minimum of seven (7) years of experience in cybersecurity risk management, security assessments, and system security governance is required.
• Candidates must meet the qualifications outlined in the DoD Cyber Workforce Framework (DCWF) for Information Systems Security Manager (ISSM) – Advanced, which includes extensive experience in cybersecurity leadership, risk management, and compliance within DoD environments. 
• Bachelor’s degree in Cybersecurity, Information Technology, or a related field is preferred, though equivalent experience may be considered.
• The candidate must hold a CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) certification to meet DoD 8570.01-M IAM Level III requirements. Additional certifications such as CEH, CRISC, or GSLC are desirable.
• Prior experience with DoD RMF processes, ATO sustainment, vulnerability management, and security impact assessments is essential.
• Technical expertise in cybersecurity compliance tools such as eMASS, ACAS, and HBSS is critical, along with knowledge of PP&S registrations, security audits, and cybersecurity incident handling.
• The ideal candidate should demonstrate proficiency in network security principles, cryptographic techniques, and secure architecture design.
• Strong leadership and communication skills are necessary, with a proven ability to lead cybersecurity teams, provide training, and mentor junior personnel.
• The candidate must be capable of developing security policies, presenting risk assessments, and engaging effectively with senior leadership.

Education: A bachelor’s degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET-accredited or CAE-designated institution fulfills the educational requirement for this position.

Clearance: The ability to obtain and maintain a DoD Top Secret security clearance with eligibility for Sensitive Compartmented Information (SCI) access is required.

DoD/Military Training: Candidates should have completed any of the following: 4C-FA26A, M09CHN1, A-531-0009, A-531-0045, or (ACQ 160 + ISA 220).

Training: Risk Management Framework (RMF).

Certifications: CISM, CISSO, FITSP-M, GCIA, GCSA, GCIH, GSLC, GICSP, CISSP-ISSMP, or CISSP.

Foundational Qualification Alternative:  Experience may qualify as a conditional alternative.

Residential Qualification:  On-the-Job Qualification is always required. Environment-Specific Requirements are at the component's discretion.

Annual Maintenance:  Continuous Professional Development of a minimum of 20 hours annually or as required to maintain certification, whichever is greater.