Kapili Services, LLC

Various Cybersecurity Positions

Kapili Services, LLC, Washington

Overview

The Alaka`ina Foundation Family of Companies (FOCs) has a need for Various Cybersecurity Positions to support our government customer primarily located in the NCR - National Capital Region (Washington, D.C. and/or Germantown, MD). Some positions will be located in Albuquerque, NM and Las Vegas, NV. The majority of positions will be held within the NCR. All positions will require on-site support at a designated government location.

Positions include, but are not limited to:

  • Information System Security Manager (ISSM)
  • Information System Security Officer (ISSO)
  • Authorization Official Designated Representative (AODR)
  • CSSP Analyst
  • Technical Assessor
  • Programmatic Assessor

Responsibilities

  • Assist in developing and maintaining accurate cybersecurity documentation for on-premises and cloud information systems and major applications.
  • Support Information Assurance documentation including Information System Security Plans (ISSPs), security baselines, risk assessments and Plan of Action and Milestones (POA&Ms).
  • Ensure that systems comply with Federal requirements and government baselines, in accordance with NA-IM cybersecurity policies.
  • Provide ISSO support for NA-IM in Information Assurance activities.
  • Utilize implemented tools and monitoring capabilities to support continuous authorization and interpret data to identify changes to a system, vulnerabilities, configuration, and implemented security controls.
  • Carry out activities at the organization, mission, business process, and information system levels of the enterprise to help prepare NNSA-OCIO to manage its security and privacy risks using RMF.
  • Determine and assign ISSO resources; establish and document organizationally tailored control baselines; identify, document, and publish organization-wide common controls for inheritance.
  • Utilize tools to continuously monitor control effectiveness; identify and document assets requiring protection; conduct system-level risk assessments and update results on an ongoing basis.
  • Define and document security and privacy requirements for the system and environment of operation; determine placement of the system within the enterprise architecture; categorize the information system using FIPS 199 and NIST 800-60 and document results in the Security Plan.
  • Provide a written subsection of the System Security Plan covering FIPS 199 Standards for Security Categorization; describe the system and environment; document the System Definition in the Security Plan.
  • Ensure all information systems are designed, implemented, and operated securely through agile cybersecurity authorization with collaboration from system administrators or developers through development, testing, and implementation phases.
  • Register the information system with appropriate program/management offices; establish and maintain security controls per NIST 800-53 and CNSSI 12-53 and other requirements; document controls and their implementation in security plans.
  • Work with system owners to ensure security and privacy requirements are satisfied; implement Enterprise or Site Common Controls for inheritance; assess selected security controls for IT and OT to ensure proper operation within risk boundaries.
  • Develop and submit plans to assess implemented controls; perform assessments per the plan; provide a Security Assessment Report (SAR) to the System Owner, ISSO, ISSM, AODR and AO; document compliance results and risks in the SAR and eGRC tool.
  • Develop and track Plan of Action and Milestones (POA&Ms) for failed controls; provide data call responses and evidence gathering; support internal and external assessments and audits.
  • Collaborate with internal and external partners; maintain relationships with Cyber Operations, IT Operations, Mission Integration, Security Operations Center, other NNSA entities and other Government Agencies; regularly audit security measures for effectiveness and compliance.
  • Communicate with IA Federal personnel to identify non-compliance and establish timely corrective actions; keep program documents up to date (examples include NA-IM Enterprise Cybersecurity Program Plan, Enterprise Cybersecurity Improvement Plan, NNSA Cybersecurity Threat and Risk Statement).
  • Support governance-type program and policy documents to implement DOE/NNSA and federal requirements; review legislation and directives for potential impacts and recommend policy changes.
  • ISSM, AODR, and Program Management requirements: ensure timely and accurate completion of authorization activities (ISSPs, risk assessments, security baselines, etc.) for initial and re-authorization; manage risk boundaries and transparency; onboard and terminate contractor personnel; ensure deliverables meet Enterprise Cybersecurity Program requirements and TPOC standards; provide strategic support at meetings and briefings.
  • Work with NA-IM and NNSA contractors; ensure CSSP-related responsibilities include CSSP certification, using Evaluator Scoring Metrics, vulnerability management reporting, policy maintenance, site operations alignment, and interactions with IARC NOC/SOC for boundary monitoring and incident response.

Required Degree/Education/Certification

  • Technical assessors must be certified at minimum per Cyber Security Service Provider Auditor (IAT III) within six months of assignment.
  • Programmatic assessors must be certified to Information Assurance Manager II and III within six months of assignment.
  • Must meet certification requirements IAW DCWF DoDD 8140, NNSA, or equivalent training and experience.

Required Skills and Experience

Must have experience supporting a cybersecurity compliance program for a Federal or DoD customer.

Required Citizenship and Clearance

  • Must be a Born or Naturalized U.S. Citizen. Green Card or Visa holders are not eligible for this work effort.
  • Top Secret and/or Q Clearance is required.

The Alaka`ina Foundation Family of Companies (FOCs) is a fast-growing government service provider. Employees enjoy competitive salaries plus a benefits package including 401K with company match; medical, dental, disability, and life insurance; tuition reimbursement; paid time off; and 11 paid holidays.

We are an Equal Opportunity/Affirmative Action Employer of individuals with disabilities and veterans. If you are a person with a disability and need an accommodation during the application process, please click here to request accommodation. We E-Verify all employees.

The Alaka`ina Foundation Family of Companies (FOCs) is comprised of industry-recognized government service firms designated as Native Hawaiian Organization (NHO)-owned and 8(a) certified businesses. The Family of Companies includes Ke`aki Technologies, Laulima Government Solutions, Kūpono Government Services, Kapili Services, Po`okela Solutions, Kīkaha Solutions, LLC, and Pololei Solutions, LLC. Alaka`ina Foundation activities principally benefit the youth of Hawaii through charitable efforts including innovative educational programs in leadership, science & technology, and environmental stewardship.

For additional information, please visit
