Cybersecurity Program Support

Location: Dayton, Ohio, United States

Notice

This position is no longer open.

Requisition Number: 4160

Position Title:

External Description: Cybersecurity Program Support
Dayton, OH, USA • Wright-Patterson AFB, OH, USA Req #4160

Monday, September 27, 2021

Summary

All Native Group is seeking an SC Cybersecurity Program Support to provide system support to the United States Space Force in Dayton, Ohio.All Native Group is in an active bidding process for this position. Employment is contingent upon All Native Group being awarded the contract.

Essential Functions

• Support the NASIC Cybersecurity team, facilitating the assessment and authorization (A&A) an continuous monitoring of approximately 65 operational national security systems within NASIC in accordance with Intelligence Community Directive 503, National Institute of Standards and Technologies 800-Series Publications, Committee on National Security Systems Instructions, and the Risk Management Framework.

• Support the NASIC Cybersecurity Branch, NASIC Information System Security Managers (ISSMs), and Information System Security Officers (ISSOs) in the oversight and execution of organization-

• wide Cybersecurity programs through the creation, maintenance, and delivery of policy, process documentation, and training.

• Provide analytical support and risk assessment for output from cybersecurity capabilities such as endpoint security, audit logs, and vulnerability scanning

Competencies

• Produce, request, and collect required information to accurately communicate the status of operational system authorization packages, track system packages progress within the Xacta workflow, update system status within branch internal database. Create reports as necessary to provide leadership situational awareness of the ATO status of all systems.

• Track significant events, as required, such as Service Requests, Incident Reports, and open CSRDs (IT requirements). Maintain a help desk function for cybersecurity-related trouble tickets, ensuring all tickets and requests are assigned to the appropriate SME, tracked and reported, and resolved.

• Review, update, maintain, and create, when needed, Cybersecurity policy documents and Standard Operating Procedures to establish and maintain proper oversight of organizational Cybersecurity programs. Develop communication plans and training to accompany policy and procedures when required.

• Evaluate, conduct process-improvement analysis on, propose improvement strategies for, and implement streamlined processes for all Cybersecurity branch functions: Assessment & Authorization (A&A), defensive cybersecurity functions, and TEMPEST/EMSEC. Appraise policies and requirements governing these processes and ensure compliant repeatable processes are developed, documented, and implemented.

• Restructure, redesign, and reorganize the Cybersecurity SharePoint site such that resources, guidance, and training are logically organized and readily accessible to all Cybersecurity customers.

• Assist with the identification and tracking of applicable hardening guidance such as DISA STIGs and vendor-provided hardening guides. Assist with the interpretation and application of hardening requirements when required.

• Ensure Cybersecurity processes integrate with NASIC configuration management processes and, as part of a team, evaluate and acquire approval for changes to authorized systems

• Assist with the development, tracking, reporting, and completion of System and Program Plans of Actions and Milestones (POA&Ms) to resolve either self- or externally-identified deficiencies. Document and track unmitigated vulnerabilities and approved exceptions to policy.

• Support RMF system assessments and security/cybersecurity inspections. Produce security assessment reports and/or inspection reports as required.

• Analyze, interpret, and create actionable information from the output of enterprise cybersecurity capabilities such as the Security Information and Event Management (SIEM) tool, endpoint security, network boundary protection, network intrusion detection, vulnerability scanning, and Security Content Automation Protocol (SCAP) compliance scanning.

• Assess the risk from individual vulnerability and threat events as well as the overall enterprise risk and propose mitigations to reduce residual risk. Incorporate data from all available sources to support NASIC continuous monitoring and risk assessment. Develop and present risk scoring in accordance with NIST guidance and best practices.

• Provide monthly functional area reports summarizing work accomplished, work planned in next month and important issues occurring during the month. Report shall include system and POA&M status (if applicable) and trend data.

Supervisory Responsibility

None required for this position

Work Environment

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

• Must be able to remain in a stationary position 75% of the time.

• Occasionally moves about inside the office to access file cabinets, office machinery, etc.

• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer.

• Expresses or exchanges ideas by means of the spoken word. Those activities in which they must convey detailed or important spoken instructions to other workers accurately, loudly or quickly.

• Frequently moves standard office equipment up to 25 pounds.

• Must be able to work indoor conditions 90% of the time.

While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand; walk; use hands to finger, handle or feel; and reach with hands and arms.

Position Type/Expected Hours of Work

This is a full-time position. Typical days and hours of work are Monday through Friday, 8:00 a.m. to 5:00 p.m. Evening and weekend hours required, as required by business need.

Travel

Travel is primarily local during the business day, although some out of the area travel and overnight may be expected.

Experience

• 3 years of position relevant experience

• 2+ years experience managing Cybersecurity/Information Assurance programs within the DoD or IC

Education

• Bachelor's Degree with diploma from an accredited educational institution; Graduate Diploma from a technical or vocational school or have acquired equivalent military training with certifications.

• Training, experience, or formal education in the accreditation of DoD or IC information systems under the RMF

• Training, experience, or formal education in the Capability Maturity Model Integration (CMMI), Information Technology Infrastructure Library (ITIL), or Information Technology Services Management (ITSM) Methodologies is desired

Additional Eligibility Qualifications

• Baseline certifications for IAM I include: CAP, or CND, or Cloud+, or GSLC, or Security+ CE.

Security Clearance

Must possess or be able to obtain/maintain a TS/SCI security clearance

AAP/EEO Statement

All Native Group is an equal opportunity employer. All applicants are considered without regard to age, sex, race, national origin, religion, marital status or physical disability. However, preference may be extended to persons of Indian descent in accordance with applicable laws.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

#LI-EI1

Other details

  • Job Family IT / Cyber Security / Network Systems
  • Pay Type Salary

City: Dayton

State: Ohio

Community / Marketing Title: Cybersecurity Program Support

Company Profile:

Location_formattedLocationLong: Dayton, Ohio US

CountryEEOText_Description: US EEO Verbiage

Copyright 2020 © All Native Group

filler