Cybersecurity SME

General Summary:

Responsible for the maintenance and support of DoD and Air Force computing systems and networks (both unclassified and classified). This position will require the individual to obtain/maintain classified systems administrative privileges for SIPRNet and other systems. The individual shall perform system trusted downloads burning classified Compact Discs (CDs) maintain and update host system patches implement mandated system vulnerability mitigations and set up user accesses and accounts. Personnel shall demonstrate proficiency in currently utilized Windows Operating Systems (OS) Windows group policy objects DoD Cybersecurity National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) Security Technical Implementation Guides (STIGs) Endpoint Security System (SS)/Hostbased Security System (HBS) and DoD Public Key Infrastructure (PKI).

Principal Duties and Responsibilities:

• Systems Security Engineering disciplines to include: AntiTamper Trusted Systems & Networks Cybersecurity Hardware/Software/Firmware Assurance Supply Chain Risk Management Acquisition Security Cyber Resiliency and Information Protection.
• Support the Systems Engineer with program engineering milestone reviews test planning and certification and accreditation packages.
• Assist the Information Systems Security Manager (ISSM) and provide multidiscipline expertise covering project management system security engineering system administration and network administration.
• Provide direct support to assure compliance to the most current revision of the Security Directives applicable to Platform Information Technology (PIT) PITI and nonPIT systems being supported. These include DoDI 8500.01 Cybersecurity DoDI 8510.01 RMF for DoD IT JSIG NIST 80053 and directives/guidance identified in DoDI 5000.02.
• Provide cybersecurity support to assigned systems and shall assist in developing modifying reviewing or coordinating items that include but are not limited to: PIT determination package cybersecurity strategy (formerly IAS) System Security Plan (SSP) system controls traceability matrix risk assessment report plan of action and milestones security assessment plan artifacts for program review and RFP.
• Review required program office artifacts and make recommendations to support cybersecurity RMF analysis.
• Assist in managing planning documenting and conducting Independent Verification and Validation (IV&V) of security requirements for weapon systems.
• Assist in performing cybersecurity site audits to verify architecture analysis cybersecurity requirements and controls verify mitigation actions witness cybersecurity testing and evaluation and to support final approval for Interim Authority to Test (IATT) Interim Authority To Operate (IATO) Authority To Operate (ATO) and/or Authority To Connect (ATC).
• Assist in identifying the Software Assurance (SWA) pedigree (including platform software) and QA issues and documenting the results.
• Assist the Government in conducting Supply Chain Risk Management (SCRM).
• Assist in developing and documenting SCRM plans and implementation activities in appropriate acquisition and security documents including but not limited to the acquisition strategy SEP PPP and SSP.

At COLSA people are our most valuable resource and centered at our core value. We invite you to unite your talents with opportunity and be a part of our FamilyofProfessionals!Learn about our employeecentric culture and benefitshere.