The Contractor shall provide Subject Matter Expertise in developing and implementing Training, Certification and Awareness programs for military, civilians, and DoD contractor personnel at USSOCOM, its Component Commands, TSOCs, and deployed forces. The programs must include DoDD 8140.01 and annual Cybersecurity awareness training requirements. The program shall include a Cybersecurity Awareness Campaign to educate SOF personnel and their families on secure computer practices both at work and home. The Contractor shall develop and maintain an effective and relevant security training and awareness program that follows Federal, DoD, DIA, USSOCOM, Component Command, TSOC, and deployed forces' policies, regulations, and standards. The Contractor shall develop, implement, and help enforce relevant Cybersecurity training for the SIE.
Additionally, the Cybersecurity Systems Analyst should be able to perform security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool and Security Content Automation Protocol tool. Identify applicable STIGs and perform assessments using the Security Content Automation Protocol tool. The Cybersecurity Systems Analyst will liaison with network and system administrators to correct identified deficiencies.
Typical Duties Include:
Providing dedicated, on-site support for Cybersecurity training, certification, and awareness.
Reviewing mandated training.
Tracking and Validation of the cyber workforce.
Reviewing and updating Local Area Network (LAN) Certification training.
Developing training requirements for cyber-related threats based on mission and situational needs.
Facilitating and coordinating metrics and trends to identify common security digital signage and other means of message conveyance.
Assisting USSOCOM, its Component Commands, TSOCs, and deployed forces in the planning and execution of a Cybersecurity Training Program.
Perform risk and vulnerability assessments of IT and IS for authorization; prepare risk assessment reports for submission to the SCA and Authorizing Official/Designated Authorizing Official/Designated Accrediting Authority (AO/DAO/DAA) in accordance with DoD, DIA, USCYBERCOM, USSOCOM, Component Command, TSOC, and deployed forces' policies, procedures, and regulations
Developing a Cybersecurity Awareness Campaign which includes weekly news articles and Cybersecurity awareness aids distributed to SOF organizational Cybersecurity officers.
Perform analytics on cybersecurity posture and provide reports to the AO/DAO and applicable stakeholders as required per ISCM and AO/DAO direction.
Assisting USSOCOM, its Component Commands, TSOCs, and deployed forces with the planning, implementation, and execution of a Cybersecurity Exercise program.
Provide DoD & IC RMF subject matter expertise to USSOCOM, its Component Commands, TSOCs, deployed forces and their delegates, including other Contractors, and assist with the development and execution of the RMF program at USSOCOM, its Component Commands, TSOCs, and deployed forces.
Knowledge, Skills and Abilities:
Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.
Technical background with system administration experience is preferred.
Working knowledge of the RMF.
Knowledge of the Telos Xacta or eMASS system is desired.
Must have excellent communications skill (written and oral) and interpersonal skills.
Knowledge and experience with DoD IA processes and policies (e.g., CJCSM 6510.01, Incident Response and other IA policies).
Active TS/SCI clearance required. Experience, Education, & Certification Requirements :Years Of Experience Required: 8+ yrsEducation Required: BA/BSCertification Required: Current DoD 8570.01- M, IAT- Level III or IAM Level III. Example Certs: CISSP (or Associate), CASP+CE, CISA, CISM, CCISO, GCED, GCIH, CCSP, or GSLC
Essential Functions
Physical Requirements
Requires sitting for extended periods of time at a desk (90%). Requires sitting at a computer terminal for long periods of time (90%). There is a possibility that due to parking availability and location of work area walking moderate to long distances can sometimes be required.
Work Environment
Inside office/cubicle environment. Requires ability to interact professionally with co-workers and all levels of management (100%).
Equipment and Machines
Requires ability to operate a personal computer, a telephone, copier, and other general office equipment (100%). Ability to conduct evaluation of third and fourth generation or current state of the art computer hardware and software and its ability to support specific requirements, interfacing with other equipment and systems.
Attendance
Attendance is critical. Work hours are normally 8 hours per day and 5 days per week, Monday through Friday. Being prompt is important to provide continuous and on-going service to customers. Attendance is important to maintain continuity of service. Work outside of normal duty hours may be required with as little as one hour advance notice. Overtime is infrequent, but important when required (1%).
Other Essential Functions
Must be able to communicate effectively, both verbally and in writing. Must be able to interface with individuals at all levels of the organization. Must be able to obtain unescorted access to work areas. Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others.
S:GPSMALLA-CLZFL