Job Information
Alaka'ina Foundation Family of Companies Information Systems Security Officer in Maui, Hawaii
Information Systems Security Officer
Location HI - Maui
Job Code 11778
# of openings 1
Apply Now (https://phg.tbe.taleo.net/phg04/ats/careers/v2/applyRequisition?org=AKIMEKATECH&cws=43&rid=11778)
The Alaka’ina Foundation Family of Companies (FOCs) is looking for an Information Systems Security Officer to support our government customer out of Maui, Hawai'i.
DESCRIPTION OF RESPONSIBILITIES:
Ensure that personnel accessing information systems have the proper and current Information Assurance (IA) certification to perform administrative functions in accordance with (IAW) DoD Manual 8140.03 Cyberspace Workforce Qualification and Management Program. Current IA Certifications must be obtained within 15 days after contract start.
Will act as the Local Registration Authority (LRA).
Operation of Equipment:
- Ensure all endpoints & network devices are patched & secured IAW the latest Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alerts (IAVAs), Time Compliance Network Orders (TCNOs), Time Compliance Technical Orders (TCTOs), Approved Products List (APL), and Local Security Guidelines as directed.
Perform network scanning to identify vulnerabilities, misconfigurations, and patch/re-configure as required to comply with DISA STIGs, IAVAs, TCNOs, APL, and Local Security Guidelines as directed. AQL: 100% compliant with DISA STIGs, IAVAs, TCNOs, APL, and Local Security Guidelines.
Apply patches or configuration updates to servers identified in ACAS scans 100% of the time every month
Perform the duties of COMSEC Responsible Officer (CRO) including cryptographic rekeys in support of SIPRNet and JWICS operations.
Enter all database and maintenance changes in a log and retain for record.
Inspection Support:
Support all inspections of the Contractor’s area of responsibility (i.e., Command Cyber Readiness Inspections (CCRIs), Inspector General (IG) visits and actively support Unit Self-Assessments Program and MICT checklist(s) assignment.)
Cyber Network Vulnerability Management:
- Furnish qualified on-site technicians to provide network vulnerability management, system scanning, network server support, troubleshooting, repair, and Assessment & Authorization (A&A)/Authority to Operate (ATO) documentation for 15 SPSS communications systems encompassing the operational network.
Perform all necessary actions to manage, maintain and ensure there is no lapse in the current Core Comm network accreditation via the Risk Management Framework and A&A/ATO package workflow IAW AFI 17-101.
The communications systems management AIS include Assured Compliance Assessment Solution (ACAS), AFNetOps Compliance Tracker (ACT), System Center Configuration Manager (SCCM), Remote Desktop, and Remedy Ticketing System.
Vulnerability Management:
- Provide routine scans of security threats and perform corrective action IAW DISA STIGs, TCNOs, and local security guidance.
Monitor cyber event tasking in order to detect and mitigate malicious cyber events.
Coordinate with CFP for resolution of non-advertised TCNOs.
Monitor and maintain SCCM server health. The Contractor shall ensure SCCM is operational and prepared for vulnerability patching.
Maintain software exemption lists for automated patching.
Utilize approved AIS to monitor, review, and generate applicable TCNO status listing and report to CFP weekly.
Complete cyber network vulnerability management scans across the 15 SPSS NIPRNet, SIPRNet, and JWICS encompassing all network device Operating Systems (OS) utilizing approved AIS.
Apply patches or configuration updates to servers identified in ACAS scans 100% of the time every month.
Identify and implement required software patches to network OS in standard desktop and standard server configurations.
Monitor vulnerabilities on NIPRNet, SIPRNet, and JWICS network systems using the scanning methods IAW local operating procedures.
Communications Security (COMSEC) Administration:
- Effectively manage 747CS/CA632310 COMSEC sub-account E-46 on behalf of 15SPSS.
Provide personnel to support the responsibilities of the COMSEC Responsible Officer (CRO) and Cryptographic Access Program (CAP) administrator.
Provide the manpower necessary to maintain the COMSEC sub-account.
Complete all necessary COMSEC training and certification requirements as required from the main COMSEC account. Personnel shall support the CRO in training COMSEC users.
Document initial and refresher CUI training on the AF Form 4168.
Conduct assessments and inventories, document results and maintain EKMS forms on file.
Manage, control, protect and safeguard COMSEC facilities, material, equipment and documentation IAW all applicable NSA, AF and 747CS policies, procedures and instructions.
Perform COMSEC Responsible Officer (CRO) duties for sub-account E-46 under JBPH-H COMSEC Acct CA632310.
Provide crypto keying and cryptographic equipment accountability, as required.
Pick up and deliver COMSEC material from the supporting COMSEC account.
Keep keying materials secured in approved Government-provided GSA containers.
Complete reports involving physical, cryptographic, and personnel COMSEC incidents.
Establish, maintain, and dispose of COMSEC documentation.
100% compliant with all applicable NSA, AF and 747CS policies, procedures and instructions.
Supporting personnel shall be responsible for requesting, downloading, storing and ensuring keying material is available for all encryption equipment on site.
COMSEC users shall be responsible for storing keying material, loading keying material into encryption devices.
Troubleshoot secure communications problems and coordinate with the CRO, COMSEC users and 747 COMSEC account to resolve any issues.
Assigned and perform duties of a CRO for network (SIPRNet and JWICS) related COMSEC material IAW DoD 5220.22M Chapter 9 Section 4, AFMAN 17-1302 COMSEC Operations.
Receive CRO training from the 747th CS COMSEC office located at JBPHH.
Responsible for periodic loading and re-keying of network (SIPRNet)related cryptographic equipment.
REQUIRED DEGREE/EDUCATION/CERTIFICATION:
Bachelors degree or higher from an accredited college or university OR
Sec+ or CAP or CASP+ or Cloud+ or CYCA+ or PenTest
REQUIRED CITIZENSHIP AND CLEARANCE:
Must be a U.S. Citizen
Must have Top Secret clearance
The Alaka`ina Foundation Family of Companies (FOCs) is a fast-growing government service provider. Employees enjoy competitive salaries. Eligible employees enjoy a 401K plan with company match; medical, dental, disability, and life insurance coverage; tuition reimbursement; paid time off; and 11 paid holidays.
We are an Equal Opportunity/Affirmative Action Employer. We are proud to state that we do not discriminate in employment decisions on the basis of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. If you are a person with a disability and you need an accommodation during the application process, please click here (HRdept@alakaina.com) to request accommodation. We E-Verify all employees.
The Alakaina Foundation Family of Companies (FOCs) is comprised of industry-recognized government service firms designated as Native Hawaiian Organization (NHO)-owned and 8(a) certified businesses. The Family of Companies (FOCs) includes Keaki Technologies, Laulima Government Solutions, Kūpono Government Services, and Kāpili Services, Pookela Solutions, Kīkaha Solutions, LLC, and Pololei Solutions, LLC. Alakaina Foundation activities principally benefit the youth of Hawaii through charitable efforts which includes providing innovative educational programs that combine leadership, science & technology, and environmental stewardship.
For additional information, please visit www.alakainafoundation.com
#LI-JS1
#ClearanceJobs