|Date Posted||April 29, 2021|
Certified Information System Security Professional (CISSP) certification is required to be eligible for the Government’s IMA Level II certification.
Essential Job Functions:
Provide support and assistance with technical direction in the areas of: requirements generation, systems design and integration, development, modification, test, production, sustainment, deployment, operations, and divestiture, as required
Assist with providing technical expertise and draft documentation required by all policies and decision levels for development, integration, implementation, and sustainment of systems’ anti-tamper compliance and IA A&A through the appropriate decision accreditation authority.
The Contractor shall support all IA audits and required testing events.
The Contractor shall have working knowledge of threat assessment process, embedded computer systems, software applications, and networking systems.
The Contractor shall assist in acquiring and maintaining program accounts for Enterprise Mission Assurance Support Service (eMASS) and Enterprise Information Technology Data Repository (EITDR), as needed
Provide technical expertise of A&A in support of the following system security/cybersecurity tasks:
- CPI/Critical Technologies (CT) identification, threat and vulnerability analysis, risk identification and management, and cost analysis.
Attending program engineering milestone reviews.
Following DoD Risk Management Framework (RMF) and/or PIT process, System Security Plan (SSP) development.
Participation in a program’s Assessment and Authorization Working Group.
Developing/coordinating presentations, Interim Authority to Test (IATT) and Interim Authority to Operate (IATO), and Authority to Operate (ATO) packages with program office personnel, Certification Authority (CA), Designated Approval Authority (DAA), Air Force Operational Test and Evaluation Command (AFOTEC) and operational command personnel.
Assist in reviewing/developing/updating applicable program documentation for security relevant requirements/issues. Examples include anti-tamper plans, SS, Information Support Plan (ISP), PPP, Information Assurance Strategy (IAS), RMF, Initial Capabilities Document (ICD), Operational Requirements Document (ORD)/ CDD, Concept of Operations (CONOPS), and Security Classification Guide (SCG).
Develop and update the ISP as required and provide analysis and support for the adjudication of comments and/or recommendations regarding the ISP.
Assist the program office in defining the responses and justification for acceptance and/or rejection of ISP reviewers.
Coordinate responses with ISP reviewers and update the ISP in the Rationale Systems Architect Tool and the Enhanced Information Support Plan (EISP) Tool, if required.
Coordinate and ensure ISP reviewer acceptance of resolution in EISP or Global Information Grid Technical Guidance (GTG).
Due to the sensitivity of customer related requirements, U.S. Citizenship is required.
A Bachelor's in a science, technology, engineering, math, cybersecurity, or computer science field of study plus 10 years of experienceis required.
Must have a certification to Information Assurance Manager (IAM) Level II as defined in AFM 33-285 and DoD 8570.01-M; Certified Information System Security Professional (CISSP) certification or equivalent as defined by AFM 33-285 and DoD 8570.01-M is required to be eligible for the Government’s IMA Level II certification.
Possesses the advanced knowledge, experience and recognized ability to be considered an expert in their technical/professional field, possess the ability to perform tasks and oversee the efforts of junior and journeyman personnel within the technical/professional discipline. Will demonstrate advanced knowledge of their technical/professional discipline as well as possess a comprehensive understanding and ability to apply associated standards, procedures and practices in their area of expertise. (Program Office, Enterprise and Staff Level Support interface.