Cyber Security Engineer
Job Description:
We will provide Command, Control, Communications, Computers and Information Management (C4IM) Service and Support for Mission Support Command (MSC). With C4IM capabilities, we will provide architecture and engineering of the MSC C4IM networks and associated systems. The C4IM service and support requirements consist of installing, operating, administering, and maintaining various network management and security monitoring systems, operating systems, and network application systems installed, maintained, monitored and/or coordinated on multiple networks: PLWN, Korea LandWarNet (KLWN), Army Reserve Network (ARNET), and Retention/Education/Family (REF). We will extend ARNET, manage/administer PLWN and coordinate KLWN for all USAR units including Active Component (AC) units located at remote international sites. We will provide TIER II support and manage/administer ARNET for all Multi-Compo and USAR units within a certain area. We will adhere to Department of Defense Architectural Framework (DoDAF), Department of the Army (DA) and local command regulations, policies, standards and guidelines. The Contractor shall perform necessary tasks which fall into these broad functional areas: Architecture, Multi-domain Network Interoperability, Engineering, Integration, Installation, Testing, Program/Project Management, C4IM systems, Web Development Service Support, Cyber Security, COMSEC support, Telephone/VOIP, and Frequency/SATCOM Management. These broad areas do not represent sequential steps and may overlap during execution.
Specific Responsibilities Include:
Provide necessary infrastructure and management services to protect information systems from unauthorized access and to protect the data within systems. Contractor shall support the command’s Cyber Security/CND program through active implementation of DoD, Cyber Security and Theater Cyber Security Program directives and policies. Contractor shall implement a patch management and vulnerability mitigation program in order to ensure compliance with current Information Assurance Vulnerability Alert (IAVA) directives.
Develop security training plans and packages to facilitate the training of all MSC and US Army Reserve Pacific personnel in accordance with public law and DoD instructions. These plans will include requirements for new user training and annual refresher training. The contractor is encouraged to make use of existing training resources in developing training plans. Develop training materials based upon local policies that might not otherwise be covered in regulatory requirements. The security curriculum shall be delivered in a classroom setting and shall cover topics in Information Security (INFOSEC), Personnel Security, Physical Security, and Operations Security (OPSEC). The contractor shall ensure Cyber Security training requirements are met and has the authority to deny user access to any prospective user who does not complete the mandatory IA awareness training.
Conduct weekly vulnerability assessments of all MSC and US Army Reserve Pacific managed assets (to include web applications, operating systems, wireless devices and business application software) using an IAM or DoD approved vulnerability assessment tool. The vulnerability assessments shall be conducted IAW the DoDI 8500.2 and/or best practices issued by the Designated Approval Authority (DAA) or DoD. Report the results to the MSC Information Systems Security Manager (ISSM) using the built-in reporting features of the vulnerability assessment tool, and manage and track mitigation actions for the vulnerabilities identified in the report generated by the vulnerability assessment scan. Contractor shall submit vulnerability reports to the MSC G6 to have all identified vulnerabilities mitigated by having vulnerable workstations patched with the appropriate security patches. The contractor shall monitor G6 progress and will ensure that all mitigating actions are completed within three (3) working days. If mitigating actions cannot be accomplished within seven (7) days, the contractor shall report to the ISSM the following information:
- Vulnerability identified
- Number of vulnerable systems
- Plan to mitigate vulnerabilities and estimated time to resolution
- A daily status report detailing the progress made toward mitigating the vulnerabilities identified in the weekly vulnerability scan
Conduct weekly vulnerability scans and manage the actions necessary to mitigate vulnerabilities revealed by the scan to ensure that all mitigating actions are completed within seven (7) working days.
Conduct weekly malware defense assessments of all MSC managed workstation and laptop assets using McAfee Antivirus included in the Host-Based Security System (HBSS) tool. Weekly malware defense assessments of all MSC managed servers shall be conducted using Symantec Antivirus. Patch management for workstations is performed using the Altiris Management Platform; servers are patched manually.
Manage all actions necessary to implement Strategic Command Directive SD 527-1 (DoD Information Operations Conditions – INFOCON System Procedures). Compliance with this directive is mandatory for all DoD entities. SD 527-1 delineates tasks that must be performed IAW each INFOCON level designation. The contractor must be constantly aware of the prevailing INFOCON level and the tasks performed IAW that level. The DoD-approved HBSS tool will be used to facilitate INFOCON level compliance. INFOCON implementation tasks will be tracked as a project and the contractor shall submit updated project status reports to the MSC ISSM on a weekly basis.
Ensure all MSC managed servers, workstations and printers are compliant with all IAVM notices issued by the PLWN, KLWN, and ARNET. IAVM notices include alerts, bulletins, and tech tips.
Utilize DAA or DoD approved scanner software to verify all MSC managed servers, workstations, printers, and network appliances (routers, switches, firewalls, and intrusion detection systems) conform to the security requirements mandated in MSC IAVM notices by their respective due date.
Establish 100 percent IAVA compliance on at least 90 percent of the total number of assets used as the basis for a given scan. The 90 percent figure represents a satisfactory figure for the number of available assets (as a percentage of the number of total assets).
Submit current, accurate, and complete reports on a weekly basis to the MSC G6 IAM. Scan data must be no more than seven (7) days old in the weekly IAVM compliance report. Data must reflect actual IAVA compliance for each and every asset reported. To be complete, data must reflect 100 percent of all assets actually scanned.
Prepare and submit an acceptable Plan of Action and Milestones (POA&M) to the MSC Army Reserve Network Operations Center (ARNOC) for all IAVM alerts for which compliance is not yet attained. All POA&Ms must state at a minimum:
a. Reason why the assets are non-compliant.
b. When the assets will become compliant.
c. The work-around solutions and defense mechanisms in place to reduce the risk of noncompliance.
Provide situational awareness for adversary cyber capabilities and intentions; build and manage Indications and Warning (IW) to support the MSC Commander’s Critical Information Requirements (CCIRs) and operational decision points.
Provide the resolution of all security incidents reported against MSC managed assets. Support requires possession of Secret security clearance. Government requires use of a wide variety of Attack Warning and Sensing (ASW) data. This data can come from the cyber security personnel, IDS logs, IPS logs, firewall logs, CYBERCOM Situational Awareness Reports (SARs), DISA security briefings, and other pertinent sources.
When tasked to respond to computer security incidents, collect forensic computer evidence related to the security incident and to any other suspect activity uncovered while investigating the security incident.
Perform DIACAP requirements when preparing System Security Authorization Agreements (SSAAs) for MSC-managed information systems.
Perform a risk analysis and ensure all requisite certification tasks are performed as required. The SSAA is to be embodied in a DoD-approved certification and accreditation tool (such as eMASS).
Provide technical expertise on all TEMPEST, Red/Black separation, and PDS installations, certifications, and maintenance requirements.
Provide consultative support to the government on an ad hoc basis. The MSC G6 is often called upon to render an expert opinion, evaluation, or decision related to the security considerations surrounding a product or a process. Most opinions and/or evaluations are easily provided with a minimal amount of research; other evaluations may take a substantial amount of research to formulate.
Establish audit trails, conduct reviews, and create archives as tasked by the MSC ISSM.
Required Education, Skills, and Experience:
8+ years of experience in Information Assurance enforcement, auditing, vulnerability assessment analysis, threat identification and remediation, IA policy recommendations, physical security, and patch management strategies. Extensive working knowledge of DIACAP certification and accreditation requirements (DoD 8510.1 and 8500.2), IAVA compliance (Retina), STIG enforcement and auditing (DISA Gold Disk), and other IA tools (QTip, Log Collector, HBSS, etc.).
IAM Level II
Preferred Education, Skills, and Experience:
Experience as a Certificate Authority (manage security credentials, private/public keys, etc.), IASO, IANO, IANM, etc.
Experienced as an Information Assurance professional in a DoD environment
Completed DIACAP training courses
Requirements:
Currently have an active Secret Clearance
Be Flexible
Ability to travel as needed
Full-Time Regular
Honolulu, HI