Five (5) years of full-time professional experience in Cybersecurity Engineering, Information Assurance, Vulnerability analysis, risk remediation, and the implementation of cybersecurity controls within DoD systems. Possesses an in-depth understanding of computer security, military system specifications, DoD cybersecurity policies, and the ability to communicate clearly and succinctly in written and oral presentations. Possesses an in-depth understanding of the DoD Information Assurance Certification and Accreditation Process (DIACAP), Risk Management Framework (RMF), Platform IT (PIT), and the implementation of Cybersecurity and IA boundary defense techniques and various IA-enabled appliances. Examples of these appliances and applications are Firewalls, IDS, IPS, Switch/Routers, Cross Domain Solutions (CDS), EMASS and Host Based Security Systems (HBSS). Candidate shall possess IAM Level II Certification IAW DoD Directive 8570.1.
1. Author DoD IA Certification and Accreditation artifacts.
2. Document a system from an IA perspective using Microsoft Office including MS Word, MS Excel and MS Visio and other appropriate tools.
3. Derive, document and/or identify system CONOPS for Mission Assurance Categorization per DoDI 8500.2.
4. Research and recommend logical and physical solutions that prevent, detect and correct the system to be certified and accredited.
5. Apply DISA Security Technical Implementation Guides (STIGs) and NSA recommendations.
6. Identify disagreements between as built specifications, security requirements and DoD security policies and recommend approaches to bring the system into compliance.
7. Author and revise system requirements and specifications to meet DoD security policies.
8. Perform vulnerability tests as Red Team and Blue Team using manual techniques, Assured Compliance Assessment Solution (ACAS) and other similar and appropriate IA and security tools.
9. Plan, execute and document risk assessments against known vulnerabilities based upon security approaches and known hacker techniques and exploits.
10. Identify and perform security analysis of connectivity relationships between the subject US Naval warfare system and the equipment to which it interfaces, both physically and virtually.
11. Lead and perform as Information Assurance Officer to be focal point for all security matters related to specific sets of information systems.
12. Define an Information Assurance Vulnerability Management (IAVM) Plan.
13. Plan, execute and document results of security tests. Candidates must be able to conduct themselves in a professional manner within office, laboratory, or operational military environments.
Systems Technology Forum, Ltd. (STF) is a Systems Engineering, Program Management, Acquisition, and Information Technology services firm that provides focused solutions and customer-centric support to the US Government on issues of national significance. STF is a small business industry leader in solutions to the Defense Department's most critical requirements spanning development through large multi-billion dollar acquisitions. Our technical and management staff are industry experts with the ability to combine technically excellent and innovative solutions with best industry and business practices. Our support spans all aspects of program development and implementation including systems engineering, specialized engineering, logistics, information assurance, installation, testing, and program management. Our Past Performance since inception has been consistently superior in all aspects of task planning, management, execution and product delivery.