Computer Security Systems Specialist with Security Clearance

---

Job description

Computer Security Systems Specialist Minimum Qualifications Summary Certification & Education BA or BS degree in IT, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution. DoD TOP SECRET security clearance with current Single Scope Background Investigation (SSBI) Experience Required 4 years of experience in the specific field of study and specialization Job Objective This Computer Security Systems Specialist TS Dif (Level 2) will provide support for cybersecurity policy, plans, and procedures and assist NSWG-1 Command ISSM (CISSM) in performing Assessment and Authorization (A&A) coordination. The duties of this task include assessing network compliance against controls listed in National Institute of Standards and Technology (NIST) Standard Publication (SP) 800-53 and creating A&A packages. Performs assessment, compliance, and validation of IT systems to support the Cybersecurity program at NSWG-1. Responsibilities Provide Subject Matter Expert (SME) recommendations and assists the customer with RMF and develops a Plan of Action and Milestones (POAM) for resolving network deficiencies in accordance with DoD Instruction (DoDI) 8510.01 and Intelligence Community Directive (ICD) 503. Tracks A&A status of Special Operations Forces Information Environment (SIE) governed Information Systems (IS). Assist the CISSM with executing a comprehensive assessment, compliance, and validation of customer networks to ensure compliance with regulations and security and standards. The end goal is to ensure the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities. Provide SME input to CISSM regarding NSWG-1, Echelon IV commands, and deployed forces network and system risks, risk mitigation courses of action, and operations. Provide SME input to stakeholders on the adequacy of implementation of cybersecurity requirements. Provide inputs to System Authorization Access Requests (SAAR). 5.1.4 (U) Assist NSWG-1 CISSM IAW DoD & ICD RMF governance in support of NSWG-1, Echelon IV commands, deployed forces and their delegates, including other Contractors, and assist with the development and execution of the RMF program. Provide SME inputs to RMF Body of Evidence (BoE) artifacts: Information Management Tool (IMT) RMF discovery checklist IMT-55, RMF supplemental checklist, hardware and software lists, system interface (ports and protocols), DoD Architectural Framework (DoDAF) and/or Defense Information Systems Network (DISN) architecture drawings and diagrams (topology, data flow, accreditation boundary, rack/room/equipment layout), Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG)/ Security Requirements Guide (SRG) check Files using the DISA STIG viewer tool, Security Content Automation Protocol (SCAP) files, scans, Concept of Operations (CONOPS), User Access Policies, Continuity of Operations (COOP), Privacy Impact Assessment (PIA), Interconnect Security Agreements (ISA), and POAMs. Ensure BoE documents are available in the USSOCOM-chosen automated tool. Assist NSWG-1 CISSM efforts to maintain, track, and validate DISN, cloud and Defense Intelligence Agency (DIA) connection approval packages, including those from NSWC, NSWG-1, and subordinate commands. Assist NSWG-1 CISSM to develop and maintain supporting documentation for new and existing networks, cloud environments, information systems and technologies as they are introduced into the SIE. Assist NSWG-1 CISSM to develop and review the A&A of SIE networks, cloud environments, systems, services, telecommunication circuits, mobile devices, portable electronic devices, hardware, and software using the DoD & ICD RMF to obtain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC). Assist NSWG-1 CISSM to perform risk and vulnerability assessments of IT and IS for authorization; prepare risk assessment reports for submission to the Security Control Assessor (SCA) and Authorizing Official/Designated Authorizing Official/Designated Accrediting Authority (AO/DAO/DAA) in accordance with applicable governance, policies, procedures, and regulations. Assist NSWG-1 CISSM with the enforcement of A&A and connection standards for networks and systems in accordance with applicable governance, policies, procedures, and regulations. Assist NSWG-1 CISSM to track and maintain A&A databases, web sites and tools to ensure that networks, systems, and devices are properly documented and managed from a cybersecurity perspective. Assist NSWG-1 CISSM to track and report to higher headquarters organizations (e.g. USCYBERCOM, DIA) compliance with applicable Cybersecurity regulations and directives. Assist NSWG-1 CISSM to ensure timely notifications are made to responsible individuals and organizations in order to prevent lapses in accreditations (e.g., 30-, 60-, and 90-day notices). Assist NSWG-1 CISSM to develop and maintain an Information Security Continuous Monitoring (ISCM) Plan. This plan shall address ongoing awareness of information security, vulnerabilities, security controls, and threats to support organizational risk management decisions. Assist NSWG-1 CISSM to identify, assess, and advise on cybersecurity control compliance and associated risks. Assist NSWG-1 CISSM with Change Management and Incident Handling processes, to 3 manage Remedy ticket requests for Incident Response and cybersecurity requirements. Provide SME input to accurately define incidents, problems, and events in the trouble ticketing system and assist CISSM with diagnosing and resolving tickets and help maintain incident tracking and solution database/dashboard. Assist NSWG-1 CISSM in coordination with USCYBERCOM, DoD, DIA, National Security Agency (NSA), DISA, and subordinate organizations to support the resolution of issues with security, A&A, connection approvals, and waiver requests. Assist NSWG-1 CISSM with performing network, cloud, information systems, hardware, software and device security authorization and assessments, as well as the application and execution of policy, including project management support services. Assist NSWG-1 CISSM with performing network security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool and Security Content Automation Protocol tool. Provide SME input to identify applicable STIGs and perform assessments using the Security Content Automation Protocol tool. Liaisons with network and system administrators to assist the NSWG-1 CISSM to correct identified deficiencies. Provide SME assessment of scans for new systems and applications being introduced or reviewed in the SIE, identify issues, and provide inputs to certification letters for the government. The contractor will liaison with the Site Integration Facility (SIF) to ensure systems and application meet the standards in the DISA STIGs. Assist NSWG-1 CISSM to validate the patching of systems, perform validation scanning, develop POAM, and report as directed by applicable policies, procedures, and regulations. Assist NSWG-1 CISSM to provide SME input for course of action (COA) development and the implementation of Cybersecurity mitigation strategies. Assist NSWG-1 CISSM to develop and implement required processes, procedures, and capabilities to mitigate vulnerabilities and weaknesses for software and hardware deployment. Assist NSWG-1 CISSM to identify, implement, and validate continued effectiveness of key performance parameters and applied security measures. Assist NSWG-1 CISSM to perform analytics on cybersecurity posture and provide reports to the AO/DAO and applicable stakeholders as required per ISCM and AO/DAO direction. Education & Certification BA or BS degree in IT, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution. This position has been designated as a Cyberspace Workforce position in the DoD Cyber Workforce Framework (DCWF) work role of Information System Security Manager (ISSM) proficiency level intermediate. As a condition of employment, the incumbent of the position is required to obtain and maintain qualification in accordance with DoDM 8140.03 Cyber Workforce Qualification and Management Program and supporting Department of Navy policies. This designation requires the incumbent to: Candidates must have the foundational qualification at start of task and the residential qualification within 6 months of start, and maintain those credentials as described in DoDM 8140.03 for DCWF work role of 722 (ISSM) at proficiency level intermediate. For more information, please review DoDM 8140.03 and supporting DON policies. Participate in continuous professional development program as described in DoDM 8140.03. An annual 20 hour minimum of Cyber Workforce related continuous professional development must be documented and completed in a current individual development plan signed by both the employee and supervisor. Continuous professional development begins in the fiscal year after the employee has obtained both foundational and residential qualification requirements Work Location Coronado, CA About Lukos Lukos delivers professional services to the Department of Defense. Lukos has been one of the most successful and most diversified support companies for US Special Operations Command and its components for over a decade. Since our founding, we have grown to support all military services and multiple federal civilian agencies. About Our Name: Lukos is ancient Greek for "wolf". The characteristics of the wolf match our approach to national security. The wolf is known for cunning, aggression, patience, and teamwork. An individual wolf is smart, strong, and resilient, but the true strength of wolves is their ability to work together as

<!– job description page –>