INFOSEC Specialist/Cybersecurity (DSME)

Facility/Facilities: Atlantic City, NJ | Washington DC

Veracity Engineering is an industry leader in aviation engineering and management consulting. We apply proven principles and innovative approaches to solve tomorrow’s problems today. Since 2001, Veracity’s staff of experienced, passionate and creative professionals has provided our government and commercial clients with innovative solutions to modernize air traffic systems and advance global initiatives in safety, efficiency, and capacity.

Veracity Engineering is an industry leader in aviation engineering and management consulting. We apply proven principles and innovative approaches to solve tomorrow’s problems today. Since 2001, Veracity’s staff of experienced, passionate and creative professionals has provided our government and commercial clients with innovative solutions to modernize air traffic systems and advance global initiatives in safety, efficiency, and capacity.

Veracity Engineering is an industry leader in aviation engineering and management consulting. We apply proven principles and innovative approaches to solve tomorrow’s problems today. Since 2001, Veracity’s staff of experienced, passionate, and creative professionals has provided our government and commercial clients with innovative solutions to modernize air traffic systems and advance global initiatives in safety, efficiency, and capacity. Veracity Engineering has an exciting opportunity for an INFOSEC Specialist/Cybersecurity Domain Subject Matter Expert (DSME) with FAA in Washington, DC or at the WJHTC, Atlantic City NJ.

The Cybersecurity DSME serves as the technical authority and primary cybersecurity advisor for a portfolio of systems within a specific domain (e.g., Surveillance, Flight Services, Automation, Terminal, En Route, or Oceanic). The DSME is responsible for preparing systems for authorization to operate, conducting comprehensive security assessments, performing risk analysis, and ensuring all domain systems are cyber-safe to operate within the National Airspace System (NAS). This role requires deep technical expertise in both cybersecurity frameworks and the operational characteristics of domain-specific systems. This position is responsible for support The Federal Aviation Administration (FAA) NAS Security and Enterprise Operations (NASEO) (AJW-B) to minimize the impact of cyber security events or incidents in support of availability and restoration requirements for ATO systems and services.

The FAA runs a multi-faceted cybersecurity program to protect the NAS in accordance with the Federal Information Security Management Act (FISMA).

Essential Functions:

System Change Management

  • Establish and maintain coordination procedures with ATO system Program Offices (PO) to ensure awareness of all proposed system changes
  • Participate actively in system configuration management processes, including Configuration Control Boards (CCB)
  • Conduct security impact assessments for system configuration changes and identify applicable enterprise security services
  • Integrate system changes into the security Authorization process and ensure continuity of authorization
  • Review system security acquisition documentation, including security documents required by the Acquisition Management System (AMS) process
  • Ensure appropriate security requirements are incorporated into applicable system contractual documents and support integration of enterprise security services

System Authorization & Continuous Monitoring

  • Coordinate initial security Authorization activities and Information Security Continuous Monitoring (ISCM) activities required to maintain Ongoing Authorization
  • Review system security authorization documentation to ensure completeness, accuracy, and compliance with NIST RMF and FAA cybersecurity requirements
  • Maintain current system security Authorization information in the Security Management Assessment and Reporting Tool (SMART) and Cybersecurity Assessment Management (CSAM) systems

Vulnerability Management & Remediation

  • Create, track, update, validate, and close system vulnerability remediation Plan of Actions & Milestones (POA&M) in SMART and CSAM
  • Coordinate risk acceptance requests, including comprehensive rationale and identification of compensating controls
  • Monitor and report on POA&M remediation progress and verify tracking of associated cybersecurity remediation funding

Privacy & Compliance Management

  • Review System Owner submitted Privacy Threshold Assessments (PTAs) and privacy documents for completeness and accuracy
  • Ensure compliance with privacy requirements and manage privacy risks associated with processing of Personally Identifiable Information (PII)
  • Track privacy documentation submissions to FAA Privacy Office and maintain Privacy POA&Ms in appropriate systems

Data Call & Audit Response Management

  • Coordinate gathering and consolidation of information requested through data calls and audit requests from various stakeholders
  • Review responses for completeness and accuracy, collaborating with System Owners to ensure compliance
  • Track and report on data call and audit responses at requested frequencies, providing status metrics on completion and pending actions
  • Assist in preparation of briefings for executive and management presentations on audit and data call activities

Documentation & Policy Development

  • Support development, review, and maintenance of NAS Cybersecurity Standard Operating Procedures (SOPs) and ATO cybersecurity policies
  • Establish and maintain online data repositories and reference libraries of program documentation accessible by authorized stakeholders
  • Support integration of critical infrastructure industry best practices into ATO policy and ensure NAS systems are cybersecurity compliant prior to operations

Multiple Positions Available: 

  • Senior Level (Level 1): 20+ years of relevant experience.
  • Mid-Level (Level 2, Level 3): 15 – 20 years of relevant experience, 10-15 years of relevant experience.
  • Junior Level (Level 4): 6-10 years of relevant experience.

Must Haves:

  • Bachelor’s Degree in a related information technology field.
  • 5 years of relevant experience may be substituted for the bachelor’s degree.
  • Master’s Degree or MBA in related field may be substituted for bachelor’s degree and 3 years’ experience.
  • PhD in related field may be substituted for bachelor’s degree and 7 years’ experience.

At Veracity, we want our employees to excel and grow professionally. With an emphasis on continuing education, we demonstrate our commitment to employee growth and development by providing tuition reimbursement for education and certifications. In addition to tuition reimbursement, we offer one of the best benefits packages in the industry: competitive health benefits package, paid time off, 401K matching and vested from day one to name just a few of our benefits and perks.

U.S. Eligibility Requirements (Standard for all U.S. Positions)

  • Interested candidates must submit an application and resume/CV online to be considered.
  • Must be 18 years of age or older.
  • Must be willing to submit to a background investigation; any offer of employment is conditioned upon the successful completion of a background investigation.
  • Must have unrestricted work authorization to work in the U.S. For U.S. employment opportunities, Veracity hires U.S. citizens, permanent residents, asylees, refugees, and temporary residents. Temporary residence does not include those with non-immigrant work authorization (F, J, H, or L visas), such as students in practical training status. Exceptions to these requirements will be determined based on shortage of qualified candidates with a particular skill. Veracity will require proof of work authorization.
  • Must be willing to execute Veracity’s Confidentiality and Non-Disclosure Agreement which requires, among other things, post-employment obligations relating to non-solicitation, confidentiality, and non-disclosure

Veracity believes that all persons are entitled to equal employment opportunity and does not discriminate against nor favor any applicant because of race, sex, color, disability, national origin, religion, creed, age, marital status, veteran status, gender, gender identity / expression, actual or perceived sexual orientation, or any other protected characteristic.​ Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Veracity will make reasonable accommodations to known physical or mental limitations of an otherwise qualified applicant with a disability, unless the accommodation would impose an undue hardship on the operation of our business.

At Veracity, we want our employees to excel and grow professionally. With an emphasis on continuing education, we demonstrate our commitment to employee growth and development by providing tuition reimbursement for education and certifications. In addition to tuition reimbursement, we offer one of the best benefits packages in the industry: competitive health benefits package, paid time off, 401K matching, and vested from day one to name just a few of our benefits and perks.

U.S. Eligibility Requirements (Standard for all U.S. Positions)

  • Interested candidates must submit an application and resume/CV online to be considered.
  • Must be 18 years of age or older.
  • Must be willing to submit to a background investigation; any offer of employment is conditioned upon the successful completion of a background investigation.
  • Must have unrestricted work authorization to work in the U.S. For U.S. employment opportunities, Veracity hires U.S. citizens, permanent residents, asylees, refugees, and temporary residents. Temporary residence does not include those with non-immigrant work authorization (F, J, H, or L visas), such as students in practical training status. Exceptions to these requirements will be determined based on the shortage of qualified candidates with a particular skill. Veracity will require proof of work authorization.
  • Must be willing to execute Veracity’s Confidentiality and Non-Disclosure Agreement which requires, among other things, post-employment obligations relating to non-solicitation, confidentiality, and non-disclosure

Veracity believes that all persons are entitled to equal employment opportunity and does not discriminate against nor favor any applicant because of race, sex, color, disability, national origin, religion, creed, age, marital status, veteran status, gender, gender identity/expression, actual or perceived sexual orientation, or any other protected characteristic.​ Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Veracity will make reasonable accommodations to known physical or mental limitations of an otherwise qualified applicant with a disability, unless the accommodation would impose an undue hardship on the operation of our business.

At Veracity, we want our employees to excel and grow professionally. With an emphasis on continuing education, we demonstrate our commitment to employee growth and development by providing tuition reimbursement for education and certifications. In addition to tuition reimbursement, we offer one of the best benefits packages in the industry: competitive health benefits package, paid time off, 401K matching, and vested from day one to name just a few of our benefits and perks.

U.S. Eligibility Requirements (Standard for all U.S. Positions)

  • Interested candidates must submit an application and resume/CV online to be considered.
  • Must be 18 years of age or older.
  • Must be willing to submit to a background investigation; any offer of employment is conditioned upon the successful completion of a background investigation.
  • Must have unrestricted work authorization to work in the U.S. For U.S. employment opportunities, Veracity hires U.S. citizens, permanent residents, asylees, refugees, and temporary residents. Temporary residence does not include those with non-immigrant work authorization (F, J, H, or L visas), such as students in practical training status. Exceptions to these requirements will be determined based on the shortage of qualified candidates with a particular skill. Veracity will require proof of work authorization.
  • Must be willing to execute Veracity’s Confidentiality and Non-Disclosure Agreement which requires, among other things, post-employment obligations relating to non-solicitation, confidentiality, and non-disclosure

Veracity believes that all persons are entitled to equal employment opportunity and does not discriminate against nor favor any applicant because of race, sex, color, disability, national origin, religion, creed, age, marital status, veteran status, gender, gender identity/expression, actual or perceived sexual orientation, or any other protected characteristic.​ Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Veracity will make reasonable accommodations to known physical or mental limitations of an otherwise qualified applicant with a disability, unless the accommodation would impose an undue hardship on the operation of our business.

Apply Now