- Ensure application of security patches for commercial products integrated into system design and meet the timelines for the intended operational environment; ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
- Conduct and report inspections, assessments, and security reviews for unclassified and classified networks weekly to the COR and Government team.
- Provide compliance assessment reports and analyses derived from the use of Government-provided scanning tools or checklists for all networks to the COR and Government team at least weekly or more often based on current cyber threats.
- Implement, apply, execute, and enforce STIG standards and processes to achieve uniform quality and consistency throughout all unclassified and classified network device lifecycles by conducting training sessions and working groups.
- Provide vulnerability and compliance assessment reports and analyses derived from the use of government provided scanning tools i.e., ACAS and DoD Enterprise Security Solution (formerly HBSS) or manual checklists for unclassified and classified networks to the COR and Government team.
- Update and maintain Army Training and Certification Tracking System (ATCTS) accounts for 100% FISMA compliance for personnel; report FISMA compliance to COR and Government team daily.
- Provide service support to all networks with full spectrum Cybersecurity processes to ensure the defense and protection of all government and DoD information systems; support daily operations, network accreditation, and compliance with security policies, DoD and Army regulations, OPORDs, and directives using automated and manual audits; fully support information systems confidentiality, availability, integrity, authentication, and non-repudiation.
- Participate, review, analyze, and report minutes for Change Control Boards (CCB), Technical Review Boards (TRB), and Engineering Review Boards (ERB) for all networks.
- Provide technical support in implementing, applying, executing, and enforcing RMF standards to achieve uniform quality and a level of consistency throughout all unclassified and classified network device lifecycles by maintaining an ATO and 90% CCRI compliance.
- Perform analysis on network assets and individual users for compliance with cybersecurity policies, directives, and best business practices using Government-provided automated tools such as: Comply to Connect (C2C), ESS, Host Intrusion Prevention Systems (HIPS), Intrusion Detection Systems (IDS), rogue device detection, proxy servers, Network Access Control (NAC), and auditing/logging tools; provide compliance status reports to the COR and Government team.
- Provide documentation and analysis reports for RMF Compliance to the ISSM; develop, periodically update, and provide recommendations to improve compliance documentation; conduct compliance reviews and submit all supporting artifacts for RMF packages for all current and future unclassified and classified networks for review and approval.
- Draft, review, and maintain required DoD cybersecurity RMF documentation and artifacts to ensure full compliance with current DoD 8500.1, 8500.2, AR 25-2, and NIST as well as superseding policies and regulations to obtain certification and accreditation for all networks; develop continuous monitoring plan for all networks.
Years of Experience: 5+
Education/Certifications: Requires IAT or IAM Level II certifications, to include one of the following: CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, CAP, CASP+ CE, GISM, CISSP, GSLC, CCISO, or HCISPP
Clearance Level: Secret with T3 investigation; IT Level II
COMPANY INFORMATION: Bravura is a rapidly growing Woman Owned Small Business (WOSB) that provides professional and engineering services, technology solutions and product offerings to DoD, Federal Civilian agencies. Bravura is an Equal Opportunity Employer. Bravura does not discriminate against employees or applicants for employment on any legally recognized basis (protected class) including, but not limited to: veteran status, uniform service member status, race, color, religion, sex, national origin, age, physical or mental disability, genetic information or any other protected class under federal, state, or local law. These are positions that require a U.S. Citizenship.