Information Systems Security Officer
Alaka`ina Foundation
- Maui, HI
- Permanent
- Full-time
- Ensure that personnel accessing information systems have the proper and current Information Assurance (IA) certification to perform administrative functions in accordance with (IAW) DoD Manual 8140.03 Cyberspace Workforce Qualification and Management Program. Current IA Certifications must be obtained within 15 days after contract start.
- Will act as the Local Registration Authority (LRA).
- Ensure all endpoints & network devices are patched & secured IAW the latest Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alerts (IAVAs), Time Compliance Network Orders (TCNOs), Time Compliance Technical Orders (TCTOs), Approved Products List (APL), and Local Security Guidelines as directed.
- Perform network scanning to identify vulnerabilities and misconfigurations, and patch/re-configure as required to comply with DISA STIGs, IAVAs, TCNOs, APL, and Local Security Guidelines as directed. AQL: 100% compliant with DISA STIGs, IAVAs, TCNOs, APL, and Local Security Guidelines.
- Apply patches or configuration updates to servers identified in ACAS scans 100% of the time every month.
- Perform the duties of COMSEC Responsible Officer (CRO) including cryptographic rekeys in support of SIPRNet and JWICS operations.
- Enter all database and maintenance changes in a log and retain for record.
- Furnish qualified on-site technicians to provide network vulnerability management, system scanning, network server support, troubleshooting, repair, and Assessment & Authorization (A&A)/Authority to Operate (ATO) documentation for 15 SPSS communications systems encompassing the operational network.
- Perform all necessary actions to manage, maintain and ensure there is no lapse in the current Core Comm network accreditation via the Risk Management Framework and A&A/ATO package workflow IAW AFI 17-101.
- The communications systems management AIS include Assured Compliance Assessment Solution (ACAS), AFNetOps Compliance Tracker (ACT), System Center Configuration Manager (SCCM), Remote Desktop, and Remedy Ticketing System.
- Provide routine scans of security threats and perform corrective action IAW DISA STIGs, TCNOs, and local security guidance.
- Monitor cyber event tasking in order to detect and mitigate malicious cyber events.
- Coordinate with CFP for resolution of non-advertised TCNOs.
- Monitor and maintain SCCM server health. The Contractor shall ensure SCCM is operational and prepared for vulnerability patching.
- Maintain software exemption lists for automated patching.
- Utilize approved AIS to monitor, review, and generate applicable TCNO status listing and report to CFP weekly.
- Complete cyber network vulnerability management scans across the 15 SPSS NIPRNet, SIPRNet, and JWICS encompassing all network device Operating Systems (OS) utilizing approved AIS.
- Identify and implement required software patches to network OS in standard desktop and standard server configurations.
- Monitor vulnerabilities on NIPRNet, SIPRNet, and JWICS network systems using the scanning methods IAW local operating procedures.
- Effectively manage 747CS/CA632310 COMSEC sub-account E-46 on behalf of 15SPSS.
- Provide personnel to support the responsibilities of the COMSEC Responsible Officer (CRO) and Cryptographic Access Program (CAP) administrator.
- Provide the manpower necessary to maintain the COMSEC sub-account.
- Complete all necessary COMSEC training and certification requirements as required from the main COMSEC account. Personnel shall support the CRO in training COMSEC users.
- Document initial and refresher CUI training on the AF Form 4168.
- Conduct assessments and inventories, document results and maintain EKMS forms on file.
- Manage, control, protect and safeguard COMSEC facilities, material, equipment and documentation IAW all applicable NSA, AF and 747CS policies, procedures and instructions.
- Perform COMSEC Responsible Officer (CRO) duties for sub-account E-46 under JBPH-H COMSEC Acct CA632310.
- Provide crypto keying and cryptographic equipment accountability, as required.
- Pick up and deliver COMSEC material from the supporting COMSEC account.
- Keep keying materials secured in approved Government-provided GSA containers.
- Complete reports involving physical, cryptographic, and personnel COMSEC incidents.
- Establish, maintain, and dispose of COMSEC documentation.
- 100% compliant with all applicable NSA, AF and 747CS policies, procedures and instructions.
- Supporting personnel shall be responsible for requesting, downloading, storing and ensuring keying material is available for all encryption equipment on site.
- COMSEC users shall be responsible for storing keying material and loading it into encryption devices.
- Troubleshoot secure communications problems and coordinate with the CRO, COMSEC users and 747 COMSEC account to resolve any issues.
- Be assigned as and perform the duties of a CRO for network (SIPRNet and JWICS) related COMSEC material IAW DoD 5220.22M Chapter 9 Section 4 and AFMAN 17-1302 COMSEC Operations.
- Receive CRO training from the 747th CS COMSEC office located at JBPHH.
- Responsible for periodic loading and re-keying of network (SIPRNet) related cryptographic equipment.
- Bachelor's degree or higher from an accredited college or university OR
- CAP or CASP+ or Cloud+ or CySA+ or PenTest+
- Must be a U.S. Citizen
- Must have Top Secret clearance