CyberSecurity/Automated Information Systems Analyst (Hawaii)

Location: Kekaha, Hawaii
Date Posted: 04-17-2018 #10866220

Secret security clearance required:

PMRF Information Assurance Support Services to be performed on-site at the Pacific Missile Range Facility, Kekaha HI 96752

Manu Kai is responsible for providing Information Technology operations and maintenance inclusive of Cybersecurity, Network Engineering, Systems Administration, Database Services, phone services and Fiber/Copper Cabling at the Pacific Missile Range Facility (PMRF). The Information Technology infrastructure encompasses classified and unclassified Range Networks and Communications systems. PMRF networks and communications support various training events in a live mission environment and require Cybersecurity compliance under DIACAP Certification and Accreditation (C&A) or RMF Assessment and Authorization (A&A) for accreditation and Authority to Operate (ATO).

The contractor will provide technical expertise in support of gathering of information, completing necessary forms and packages for submission to the government customer for accreditation of various networks at PMRF.

Technical Requirements
Contractor shall support A&A efforts at PMRF for both classified and unclassified range networks and communications systems to include but not limited to the following Cybersecurity requirements as applicable:
1. Create and review Risk Management Framework (RMF) documentation
2. Review and validate Security Technical Implementation Guides (STIG) checklists and Security Content Automation Protocol (SCAP) benchmarks
3. Perform scanning of systems utilizing Assured Compliance Assessment Solution (ACAS) software to identify vulnerabilities
4. Verify and document network topology to include ports, protocols and services (PPS)
5. Prepare Risk Assessment Report (RAR) documentation, System Categorization and Control Selection documents
6. Develop and review network topology diagrams
7. Provide Subject Matter Expert (SME) level recommendations to ISSO and ISO to support A&A package creation
8. POA&M maintenance/management

Performs security tasks required by the DoD 8500.1 DoD Cybersecurity Instruction, DoD8510.01 Risk Management Framework (RMF) for DoD Information Technology, DoD 5220.00-M National Industrial Security Program Operating Manual (NISPOM), National Institute for Standards and Technology {NIST) Special Publication 800-37, and other Policy for the administration and safeguarding of US and foreign Government classified and unclassified information as it pertains to DoD networks, standalone computer systems, and Platform IT. Verifies and ensures compliance with US Government requirements for Cyber Security.

Major Job Activities
1. Plans, executes and tracks successful RMF Assessment and Authorization {A&A) documentation submissions to the customer per NIST SP800-37 and other RMF guidelines
2. Provides feedback to policy guidelines for the interpretation, implementation, inspection, and enforcement of DoD, DoN and customer directed Cybersecurity requirements
3. Interfaces/maintains liaison with the System Owners, System ISSOs , Command Network Manager, and other Cognizant Security Agencies regarding Accreditation Scheduling, activities
4. Performs ACAS report reviews, Nessus scanning, and STIG and SCAP validations
5. Assists ISSOs with identifying applicable existing policies or creating policy guidelines and processing documents for non-compliant controls
6. Participates in risk analysis, performance, reliability, and security impact analysis to determine appropriate Cyber Security products, systems, and policies for implementation
7. Provide detailed weekly status reports to the IT Manager, Program Manager and Cybersecurity Lead
8. Attend A&A meetings as directed by the Cybersecurity Lead

-Education: Bachelor's Degree in Engineering, Computer Science, MIS, or other related scientific field is desired
-Certification: Must be DoD 8570.lM certified at lAT Level 2 and maintain certification throughout duration of employment {IA Baseline Certification of Security+CE or CISSP)
-Computing Environment Certification in one or more of MS Win7/Win10, Win Svr. 2008/2012, Linux, CCENT, CCNA, Junos a plus
-A.S./A.A or B.A. Degree; ten (10) years of experience in IT disciplines may substitute for the Bachelor's Degree requirement
-Five {5) years of cybersecurity related experience
-Working level knowledge of DoD cybersecurity practices/procedures is required
-Three (3) years of specific DIACAP/DIARMF or RMF related experience
-Experience in briefing DoD Executive Leadership {0-6 / GS-13 and above) a plus
-SME level knowledge of current DoN Cybersecurity practices/procedure is highly desirable
-CISSP is highly desirable
this job portal is powered by CATS