CECS II Cybersecurity Analyst
Supports and engineers cybersecurity platforms used to protect USAF Industrial Control System (ICS) environments. This role focuses on architecture, deployment, configuration, sustainment, and optimization of multiple enterprise-level security technologies, including Tenable Security Center (ACAS), Nessus/Nessus Manager, Tenable OT, Trellix ePO/ESS, and ELK-based logging platforms. Works collaboratively with system owners, network engineering, and cybersecurity teams to ensure secure monitoring, vulnerability visibility, and platform health across mission-critical ICS networks.
Responsibilities:
- Engineers, deploys, configures, and maintains ACAS infrastructure (Tenable Security Center, Nessus scanners, Nessus Manager), ensuring reliable credentialed scanning, compliance assessments, and accurate reporting across USAF ICS environments.
- Designs and maintains ESS/Trellix ePO infrastructures, including agent deployment strategies, policy management, sensor health monitoring, and integration with host-based security controls.
- Implements and administers Tenable OT sensors and management consoles for ICS/OT asset discovery, vulnerability monitoring, protocol analysis, and behavioral detection specific to industrial networks.
- Builds, configures, and optimizes ELK-based logging and analytics platforms, ensuring ingestion pipelines, parsing rules, dashboards, and alerting mechanisms support security visibility, ICS incident response, and operational monitoring.
- Develops and maintains engineering documentation, platform diagrams, deployment guides, maintenance procedures, and security architecture artifacts.
- Performs lifecycle engineering tasks such as system upgrades, patch deployment, plugin and signature management, configuration backups, platform hardening, and capacity planning.
- Designs enterprise scanning architectures, asset tagging strategies, scan zones, credential configurations, and operational workflows aligned to ICS constraints and mission requirements.
- Collaborates with network engineers to ensure routing, segmentation, firewall rules, authentication methods, and access pathways support secure and reliable operation of security platforms.
- Integrates security tools with centralized logging, AAA services, and monitoring systems to support visibility, auditability, and policy enforcement.
- Validates platform health, availability, performance, and data accuracy through continuous monitoring, testing, and tuning.
- Develops custom dashboards, queries, log parsing patterns, and reporting mechanisms to provide mission owners with meaningful insights.
- Provides technical mentorship and guidance to junior engineers; may lead task teams on platform-specific initiatives.
- Stays current with emerging technologies, vendor releases, DoD cybersecurity policies, DISA STIG requirements, and ICS security best practices.
Associated Engineering and Support Functions:
- Supports RMF activities by providing validated vulnerability data, compliance evidence, system configuration documentation, and technical artifacts for accreditation packages.
- Coordinates with security analysts, incident response teams, and mission partners to provide platform-specific data, historical context, and engineering support when investigating security events.
- Evaluates requested system changes (network adjustments, firewall updates, scanning schedules, agent policies) to determine operational impact and ensure continued platform integrity.
- Participates in special projects, prototype efforts, modernization initiatives, and technology insertion related to ICS cybersecurity.
- Ensures integration, policy compliance, and the protection of ICS networks through engineering of vulnerability scanning, endpoint security, OT visibility, and logging architectures.
Qualifications:
- 5+ years of related experience.
- Cyber security certification required (min. IAM Level III).
- DoD SECRET clearance required.
- Knowledge of DoD and Air Force Risk Management Framework (RMF), Information Assurance, and NETOPS is a plus.
- Knowledge of Industrial Control Systems (ICS) security highly desired.
- Familiarity with USAF EITDR/ITIPS and DoD eMASS desired.
- Familiarity with NIST 800 series, DoDI 8510.01, and AF 17-101 desired.