INFOSEC Specialist​/Cybersecurity; DSME

Facility/Facilities:
Atlantic City, NJ | Washington DC

Veracity Engineering is an industry leader in aviation engineering and management consulting. We apply proven principles and innovative approaches to solve tomorrow’s problems today. Since 2001, Veracity’s staff of experienced, passionate and creative professionals has provided our government and commercial clients with innovative solutions to modernize air traffic systems and advance global initiatives in safety, efficiency, and capacity.

The Cybersecurity DSME serves as the technical authority and primary cybersecurity advisor for a portfolio of systems within a specific domain (e.g., Surveillance, Flight Services, Automation, Terminal, En Route, or Oceanic). The DSME is responsible for preparing systems for authorization to operate, conducting comprehensive security assessments, performing risk analysis, and ensuring all domain systems are cyber‑safe to operate within the National Airspace System (NAS).

This role requires deep technical expertise in both cybersecurity frameworks and the operational characteristics of domain‑specific systems. The position is responsible for supporting the Federal Aviation Administration (FAA) NAS Security and Enterprise Operations (NASEO) to minimize the impact of cyber security events or incidents in support of availability and restoration requirements for ATO systems and services.

The FAA runs a multi‑faced cybersecurity program to protect the NAS in accordance with the Federal Information Security Management Act (FISMA).

• Establish and maintain coordination procedures with ATO system Program Offices (PO) to ensure awareness of all proposed system changes
• Participate actively in system configuration management processes, including Configuration Control Boards (CCB)
• Conduct security impact assessments for system configuration changes and identify applicable enterprise security services
• Integrate system changes into the security Authorization process and ensure continuity of authorization
• Review system security acquisition documentation, including security documents required by the Acquisition Management System (AMS) process
• Ensure appropriate security requirements are incorporated into applicable system contractual documents and support integration of enterprise security services
• Coordinate initial security Authorization activities and Information Security Continuous Monitoring (ISCM) activities required to maintain Ongoing Authorization
• Review system security authorization documentation to ensure completeness, accuracy, and compliance with NIST RMF and FAA cybersecurity requirements
• Maintain current system security Authorization information in the Security Management Assessment and Reporting Tool (SMART) and Cybersecurity Assessment Management (CSAM) systems

• Create, track, update, validate, and close system vulnerability remediation Plan of Actions & Milestones (POA&M) in SMART and CSAM
• Coordinate risk acceptance requests, including comprehensive rationale and identification of compensating controls
• Monitor and report on POA&M remediation progress and verify tracking of associated cybersecurity remediation funding

• Review System Owner submitted Privacy Threshold Assessments (PTAs) and privacy documents for completeness and accuracy
• Ensure compliance with privacy requirements and manage privacy risks associated with processing of Personally Identifiable Information (PII)
• Track privacy documentation submissions to FAA Privacy Office and maintain Privacy POA&Ms in appropriate systems

• Coordinate gathering and consolidation of information requested through data calls and audit requests from various stakeholders
• Review responses for completeness and accuracy, collaborating with System Owners to ensure compliance
• Track and report on data call and audit responses at requested frequencies, providing status metrics on completion and pending actions
• Assist in preparation of briefings for executive and management presentations on audit and data call activities