The Air Force Civil Engineer (AFCEC) community has identified the cybersecurity of Civil Engineer (CE) Control Systems as essential in securing the infrastructure at Department of the Air Force (DAF) installations. The AFCEC Operations Directorate (AFCEC/CO) is tasked to support securing this infrastructure by contracting for cybersecurity service capabilities on behalf of the CE enterprise. AFCEC manages cyber risk; and identifies, mitigates, monitors, and predicts cyber vulnerabilities related to CE Control Systems worldwide. By Light is looking to staff positions that would provide innovative, customer-focused, and cost-effective Information Assurance/cybersecurity support services by applying industry standard best practices in addressing mission requirements.
- Leverage technical and cybersecurity expertise to deliver exceptional customer service, troubleshooting, and technical support for a variety of use-cases.
- Triage customer issues to find the optimal path for resolution while maintaining assigned projects and customer communications.
- Organize, update, and maintain Security Support Center and support request documentation.
- Communicate and collaborate on multiple platforms with other team members and experts when necessary.
- Seek out and maintain knowledge on current cyber security trends and threats
- 5+ years of systems administration, NOC/SOC, or support of Security
- Comfort and experience handling inbound and outbound customer calls.
- Experience using support ticket management systems
- Experience meeting service level agreements (SLAs)
- Self-motivation, independence, and demonstrated ownership of responsibilities.
- Ability to build strong relationships, a team player.
- Ability to balance and prioritize multiple projects and remain calm under pressure.
- Effective verbal and written communication skills
- Familiarity with security frameworks and standards (e.g., NIST Cybersecurity Framework (CSF), NIST 800-53, CIS Security Controls, MITRE ATT&CK)
- Familiarity with email security (SPF, DKIM), remote access security (RDP, VPNs, MFA), and basic infrastructure security (e.g., OS fundamentals, patching, network architecture)
- Ability to diagnose and research causes of security issues (e.g., misconfigured DNS records, exposed insecure protocols, use of known-vulnerable software)
- Familiarity with vulnerability reporting, including CVE details, security researcher publications, and vendor security notices.
- Ability to communicate the importance of security controls to non-technical customers.
- If needed ability to assist and instruct customer technical staff in implementing security recommendations consistent with the customer’s environment
- Customer-facing technical support experience required (e.g., level II/III IT helpdesk, SOC call center, on-call IR or DevOps/SRE team)
- CISSP, CySA+, CRISC, CISM, or CEH preferred.
- Any other Information technology or information security related certification not mentioned above, training, and/or formal education preferred.
- Preferred experience in OT/CE technologies
- Security Clearance: Secret