Cybersecurity SME

Poarch Creek Indians Federal Services

Yesterday
Top Secret/SCI
Early Career (2+ yrs experience)
$150,000 and above
25%
IT - Security
Honolulu, HI (On-Site/Office)

Overview
This position works directly for the PACAF Defensive Cyber Operations and Mission Assurance Branch but works with various PACAF AOR personnel to execute the following duties and responsibilities.



**This position is pending contract award. It will involve travel to various OCONUS sites**

Responsibilities
Deliver cybersecurity and RMF/FISMA support to PACAF mission owners, distributing current policy and providing guidance and mentorship to the cyber forces to ensure compliance.
Assist PACAF MOBs & GSUs in improving and maintaining implementation of congressional FISMA, DoD, and AF cybersecurity directives.
Conduct (on-site and/or virtual) A&A validation and reviews, using National/DoD/AF standards (e.g., DISA Security Technical Implementation Guides (STIGs), National Institute of Standards and Technology (NIST) SP 800-12).
Collect and develop A&A artifacts in accordance with AO Office
Assist MOBs and GSUs in maintaining and sustaining A&A packages, including tracking/updating A&A documents/products in the following databases:
Connection Approval Process (CAP) for SNAP
GIAP circuit management tools
eMASS and ITIPS
Continuous Monitoring Risk Scoring (CMRS) efforts
Assist MOBs and GSUs in creating and maintaining comprehensive RMF products for the theater circuits/enclaves via eMASS as required. Products must include all requirements IAW applicable DoD and AF Instructions.
Assist the Government in the creation, consultation, revision, finalization, and submission of the deliverables for RMF, including but not limited to the following:
System Security Plan
Ports Protocol Services Matrix (enclave)
Artifacts for control validation (STIG results, Policies, Scans, Charters, etc., unit provided)
Plan of Actions and Milestones (POAMs)
System Topology
Provide updates through AF central FISMA database repository, ITIPS.
Ensure A&A data are synchronized across AF and DISA repositories (eMASS, ITIPS, SNAP, and GIAP).
Assist in processing circuit connection requests for all the main bases through SIPRNet Global Information Grid (GIG) Interconnection Approval Process (GIAP) System (SGS) and the NIPRNet SNAP.
Prepare and mentor NAF, Wing and cybersecurity forces through the CRR-M program.
Train and assist PACAF MOBs & GSUs personnel in the use of DoD security technical implementation tools and technology to maintain & improve cyber readiness.
Consult to resolve any issues with DoD required vulnerability scanning tools, including system credentials, access control list, and identified network assets.
Consult to resolve any issues with DoD required endpoint security solutions for all host devices in the network enclaves.
Assist and prepare PACAF Wings for CORAs & CCORIs on NIPRNet, SIPRNet and supported information systems.
Create CORA and CCORI scores and Risk Assessment Report for the MOBs & GSUs using DISA CORA Scoring and Risk Assessment tools
Provide recommendations for mitigations & follow-on actions to include POAMs.
Qualifications
General Position Requirements

Top Secret (TS) / Sensitive Compartmented Information (SCI) security clearance
DoD 8140, the DoD Cyber Workforce Manual
Any one (1) of the following:
Advanced - CISM or CISSO or CPTE or CySA+ or FITSP-A or GCSA or CISA or CISSP or CISSP-ISSEP or GSLC or GSN or
DoD 8570.1-M certified at Information Assurance Technical (IAT) Level 3 - Any one (1) of the following:
CompTIA Advanced Security Practitioner Continuing Education (CASP+ CE)
Certified Information Systems Auditor (CISA)
Certified Information Systems Security Professional (CISSP) (or Associate - this means the individual has qualified for the certification except for the number of years’ experience)
Certified Cloud Security Professional (CCSP)
Have 2-3 years of experience and the skills required to execute Federal, National, DoD, USAF CIO, and US State Department Requirements to be able to assess cyber risk, identify mission sets, and defend the mission.
Have 2-3 years of experience applying, assessing, and advising MAJCOM staff and Wings on cybersecurity requirements.
Understand the AF Cyber architecture and PACAF MOBs and GSUs roles.
Ability to travel to PACAF MOBs and GSUs to conduct duties and responsibilities up to a maximum of 40% of the time.
Proficiency in Microsoft Office Suite products and SharePoint collaborative tools.
Training highly preferred prior to starting; however, must have the ability to obtain within 3 days of starting and maintain certificates of completion for the following training:
Level 1 Anti-Terrorist Training - within the past year
Level A Survival, Evasion, Resistance, and Escape (SERE) Training - within the past 1-2 years
USFK Training - no time requirement (only required to be taken once)
DoD Cyber Awareness Challenge - within the past year
Operations Security (OPSEC) Awareness - within the past year
Derivative Classification IF103.16 - within the past year
Force Protection - within the past year
COR will provide updated website addresses for the above, which may change.
RMF/FISMA/ATO Requirements

Have 2-3 years of experience conducting RMF/FISMA/ATO A&A.
Have 2-3 years of experience maintaining accreditation at a level consistent with AF, DoD and FISMA requirements for all base enclaves and providing situational awareness of assigned systems at MOBs and GSUs.
Have 2-3 years of experience with DISA Connection Approval Process vehicles (e.g., SNAP, SGS, GIAP, and CDS-approval).
Expertise with FISMA compliance vehicle – AF centralized repository for FISMA reporting is ITIPS.
Expertise with AF System A&A process vehicles (e.g., eMASS, AF PPSM, AF Software Approval) to produce ATO, ATC, Interim Authority to Connect (IATC).


CPR-M Requirements

Have 2-3 years of experience conducting assessments of SIPRNet/NIPRNet network, enclave, and system security posture, providing guidance, mitigation recommendations and familiarization to personnel on cybersecurity, including preparing and advising before, during, and after inspections.
In-depth experience with DISA STIGs and by-product analysis


CORA & CCORI Support Requirements

Have 2-3 years of experience conducting CORA & CCORI inspections.
Expertise with CORA process vehicles.
Expertise with CCORI process vehicles (e.g., MADSS, ELICSAR, etc.)
Expertise with USCYBERCOM/DISA CORA Scoring Tools (option to utilize the AF “Cyber Ready 365”).


Knowledge, Skills and Abilities

Ability to deliver on-site and remote Cybersecurity, RMF, and FISMA support to mission owners through the distribution of current policies and providing guidance and mentorship to the cyber forces.
Knowledge of congressional FISMA, DoD, and AF cybersecurity directives.
In-depth experience conducting (on-site and/or virtual) A&A validation, reviews and mentorship pursuant to National/DoD/AF standards (e.g., DISA STIGs, NIST SP 800-12, NIST SP 800-53, AFI 17-101, CRR-M).
In-depth experience collecting and developing A&A artifacts.
Ability to maintain and sustain A&A packages, including tracking/updating A&A documents/products in the following databases:
CAP for SNAP
GIAP circuit management tools
eMASS and ITIPS
CMRS efforts
Proficiency in creating and maintaining RMF products for the theater circuits/enclaves via eMASS.
Experience in creating, consulting, revising, finalizing, submitting RMF deliverables.
Ability to provide updates through AF central FISMA database repository, ITIPS.
In-depth experience ensuring A&A data is synchronized across AF and DISA repositories.
Knowledge of processing circuit connection requests through SGS and SNAP.
Experience in mentoring cyber workforce personnel to excel in implementing and sustaining security best practices and cyber-readiness, leveraging CORA methodology within the PACAF-specific Cyber-Readiness Maturity Model (CRR-M).
Knowledge of how to resolve issues with DoD vulnerability scanning tools, including system credentials, access control list, and identified network assets.
Knowledge of how to resolve issues with DoD required endpoint security solutions for all host devices in the network enclaves.
In-depth experience preparing Wings for CORAs & CCORIs on NIPRNet, SIPRNet and supported information systems.
In-depth experience with CORA and CCORI scores and Risk Assessment Report for the MOBs & GSUs using DISA CORA Scoring and Risk Assessment tools
Ability to provide recommendations for mitigations & follow-on actions to include POAMs.
Experience with email and other communication platforms, including but not limited to MS Teams group chats, MS SharePoint site, and VoIP phones.
Proficiency with the latest Microsoft tool suite (i.e., PowerPoint, Excel, Word, etc.).
Ability to collaborate with others.
Ability to brief technical information to both technical and non-technical audiences.
Experience briefing senior leaders and large audiences.
Pay Range
USD $170,000.00 - USD $190,000.00 /Yr.
EEO


PCI Federal Services (PCIFS) and its subsidiaries is an equal-opportunity employer. PCIFS does not discriminate on the basis of age, sex, race, national origin, religion, marital status, sexual orientation or identity, Veterans or Disability status.



Preference may be extended to qualified Native American Indian candidates in accordance with applicable federal law.