This effort involves supporting SSC Pacific Integrated C2I Engineering Division to ensure the DoD standard processes to minimize the risks associated with non-standard security implementations across shared infrastructure and end systems are being implemented.
Specific tasks to be performed are:
TASK 1 – Generate Common Criteria/DIACAP/RMF Documentation for C4ISR Systems.
TASK 2 – Perform Security Certification Test and Evaluation of C4ISR Systems.
TASK 3 – Perform System Security Test and Evaluation (ST&E) of C4ISR Systems.
TASK 4 – Perform Security Control Evaluation and Platform IT Determination of C4ISR Systems.
TASK 5 – Provide Prevention/Recovery/Investigative Services.
TASK 6 – Provide Cybersecurity Engineering Services.
TASK 7 – Software Development and Prototyping (and Documentation).
TASK 8 – Provide Cross Domain Analysis and Evaluation Services.
TASK 9 - Provide Information Assurance Planning, Coordination and Evaluation Services.
TASK 10 - Software Development Plan (SDP).
TASK 11- Programmatic Support..
PROGRAM REQUIREMENTS - MUST HAVE ACTIVE TS Clearance and minimum level of IAT2 certification.
• Progressive technical (hands-on) experience related to Information Assurance (IA)/Cyber Engineering requirements, determination, development and implementation.
• Experience with Risk Management Framework (RMF) as described in DODI 8510.01 & NIST Special Publication 800-37.
• Experience with eMASS, XACTA, or RSA Archer
• Experience in security systems engineering involving various computer hardware and software operating systems and application solutions in both a standalone and in LAN/WAN configurations.
• Experience with security features and/or vulnerability of various operating systems as defined by NSA, NIST, DISA (STIGS).
• Experience with IA vulnerability testing and related and system test tools;
- e.g. Security Content Automation Protocol (SCAP), Assured Compliance Assessment Solution (ACAS) and other Government-approved tools.
• Understanding of systems engineering requirements, specifications, and experience implementing DoD and Federal IA Certification and Accreditation Process, IA Security controls and developing and maintaining associated certification and accreditation documentation.
• Experience in conducting cyber security audits to ensure appropriate implementation and compliance of the security posture
• Experience in documenting and completing RMF artifacts and documenting to support RMF controls.