Provide Cyber Security expertise, including feasibility studies, technical evaluation, justification, acquisition/procurement, installation, implementation, management, and administration of IT systems including virtualized infrastructures and systems (ex. VMWare and OpenStack).
Provide technical support to Information Systems Security Managers (ISSM) and ISSOs throughout the CCoE.
Maintain the CCoE security posture with proper certification and accreditation procedures/documentation/mitigation through continuous monitoring of CAT I and CAT II/III findings.
Assist in the administration of an effective Cyber Security program that involves providing advice, guidance, and assistance on the management of organizational risk. Stay abreast of changes to Joint, DOD and Army doctrine as it pertains to cyber security and risk management. Stay up to date on IT news regarding network security and future trends in Cyber Security (ex. cloud computing security).
Update, maintain and test the Disaster Recovery Plan and Continuity of Operations (COOP) to reflect changes in the IT environment.
Assist in the coordination of vulnerability assessments, inspections, tests and reviews of the CCoE’s information systems and processes.
Maintain contact and good relations with customers, and understand and apply the processes of IT project management.
Create system requirements, identify and assess alternative solutions, and prepare the recommendation in document and/or briefing format. Present options to the customer for implementation. Sample expertise includes the preparation of security policies, security plans, user's guides, system administrator guides, or network security design documents.
Generate and/or coordinate the compiling of all document deliverables required for Certification & Accreditation (C&A) utilizing RMF methodology.
Process, track and manage C&A packages into applicable systems (ex. eMASS).
Identify information protection needs for the Network Environment (NE).
Define NE security requirements in accordance with applicable IA requirements.
Provide system related input on IA security requirements to be included in statements of work and other appropriate procurement documents.
Develop Cross Domain Solution (CDS) for use within a Computing Environment (CE) or NE.
Develop and implement security designs for new or existing network system(s).
Ensure that the design of hardware, operating systems, and software applications adequately addresses IA security requirements for the NE.
Design, develop, and implement network security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation.
Design, develop, and implement specific IA countermeasures for the NE.
Develop interface specifications for the NE.
Develop approaches to mitigate NE vulnerabilities and recommend changes to network or network system components as needed.
Ensure that network system(s) designs support the incorporation of DoD-directed IA vulnerability solutions, e.g., IAVAs.
Ensure compliance with IA architectures and designs for DoD IS with medium integrity and availability requirements, to include MAC II, systems with a medium Level-of-Concern for availability or integrity in accordance with Reference (vu), and other DAA designated systems.
Develop IA architectures and designs for JWICS and DIA systems.
Assess threats to and vulnerabilities of the NE.
Identify, assess, and recommend IA or IA-enabled products for use within an NE; ensure recommended products are in compliance with the DoD evaluation and validation requirements.
Ensure that the implementation of security designs properly mitigates identified threats.
Assess the effectiveness of information protection measures used by the NE.
Evaluate security architectures and designs and provide input as to the adequacy of security designs and architectures proposed or provided in response to requirements contained in acquisition or MILCON/MCA documents.
Ensure security deficiencies identified during security/certification testing have been mitigated, corrected, or a risk acceptance has been obtained by the appropriate DAA or authorized representative.
Provide input to IA C&A process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
Participate in an IS risk assessment during the C&A process and design security countermeasures to mitigate identified risks.
Provide engineering support to security/certification test and evaluation activities.
Document system security design features and provide input to implementation plans and standard operating procedures.
Recognize a possible security violation and take appropriate action to report the incident.
Implement and/or integrate security measures for use in network system(s) and ensure that system designs incorporate security configuration guidelines.
Design, integrate, and implement NE and CE IA policies into system architectures.
Assist in administrative tasks such as budget creation, account creation, task management, etc.
Execute monthly reports (analyze users in compliance, monthly IA Awareness/IANO meeting, IA Inspections (engineer support to DAIG, CCRI, Cyber Awareness, etc.), and input to the quarterly Incident Handling report).
Attend meetings directly related to duties IAW PWS to gain insight and/or provide subject matter expert (SME) guidance. Take legible notes and be able to provide them upon request.
Provide support to Identity and Access Management (account monitoring, PKI, PII breach, Insider Threat, CCoE SIPRNET tokens issued and requested); assist with Local Registration Authority/Trusted Agent (LRA/TA) duties for SIPRNET token tracking/issuance/administrative functions such as issuing/creating tokens, token status reports, and planning.
In-depth understanding of DoD 8500 series for Information Assurance and CJCSM 6510 for IA/CND and Cyber Incident Handling Program.
Have a minimum of seven (7) years of work experience in the area of Information Assurance, Cyber/Information Security.
Technical Skills Required:
Minimum of 1 year of experience performing high-volume analysis of logs, network and system data in one or more of the following tools: (preferred tool Assured Compliance Assessment Solution (ACAS) but also familiarity with other similar tools)
Ability to use and recommend implementation of infrastructure and security monitoring technologies (ex. Security Onion, Splunk, SolarWinds, ACAS)
Endpoint Protection (ex. McAfee ePO/Host Based Security System (HBSS))
Awareness of the latest network and application hacking techniques and countermeasures (emerging trends).
Have at least one (1) year of Certification and Accreditation & Cyber Risk Management experience: DoD RMF (DoD 8500, DoD 8510, NIST 800-37/-53), and DCID 6/3 and ICD 503 processes and implementing frameworks by performing risk assessments, system certification and accreditation at all classification levels (NIPRNET, SIPRNET and JWICS)
Have at least three (3) years of experience in Security Engineering of DOD Network Infrastructure, Wireless Technologies (Mobile IoTs), Endpoint Security, Network protocols, COMSEC and PKI.
Have demonstrated knowledge of network threats, attacks, and other methods of exploitation, and the ability to develop Tactics, Techniques, Procedures (TTPs) to mitigate, deter, and respond.
Have knowledge of Cyber Security practices for cloud and virtual environments (ex. Amazon Web Services (AWS), Microsoft Azure, VMWare and OpenStack)
Have strong knowledge of security incident handling/incident response process, methods and coordination with Regional Cyber Center-CONUS (RCC-C), Regional Network Enterprise Center (RNEC), NEC, etc.
Have strong knowledge and understanding of DoD and Intelligence Community (IC) engineering efforts, as it relates to security engineering (MILCON/MCA projects)
Have strong knowledge of the development of CCoE Policy (Policies, SOPs, TTPs, etc.) and the conduct of the associated inspections for user adherence to the CCoE policy developed.
Certifications Required – all of the following are required
This position is designated as Information Assurance Workforce (IAWF) (1) IAM II, (2) IASAE II and (3) CSSP Auditor. See section 220.127.116.11, Cybersecurity/Information Technology (IT) Certification, in this PWS for detailed Army and DoD guidance and requirements. The following are required at contract start date and must be maintained throughout the life of the contract:
Baseline certifications. Note: Either CASP or CISSP (or associate) will satisfy baseline certifications for both IASAE II and IAM II.
IASAE II: CASP, CISSP (or associate), or CSSLP and
CSSP Auditor: CEH (red), CySA+ (blue), CISA, or GSNA and
IAM II: CAP, CASP, CISM, CISSP (or associate), or GSLC
Computing Environment (CE) certifications: N/A - only required for IAT IAWF positions.
Be monitored in the Army Training and Certification Tracking System (ATCTS).
Successfully complete the Information Assurance Fundamentals online course and exam at https://cs.signal.army.mil.