Kapili Services, LLC
Various Cybersecurity Positions
Kapili Services, LLC, Washington, District of Columbia, us, 20022
Overview
The Alaka`ina Foundation Family of Companies (FOCs) has a need for Various Cybersecurity Positions to support our government customer primarily located in the NCR - National Capital Region (Washington, D.C. and/or Germantown, MD). Some positions will be located in Albuquerque, NM and Las Vegas, NV. The majority of positions will be held within the NCR. All positions will require on-site support at a designated government location.
Positions to include but not limited to:
Information System Security Manager (ISSM)
Information System Security Officer (ISSO)
Authorization Official Designated Representative (AODR)
CSSP Analyst
Technical Assessor
Programmatic Assessor
Responsibilities
Assist in developing and maintaining accurate cybersecurity documentation for on-premises and cloud information systems and major applications.
Support Information Assurance documentation including Information System Security Plans (ISSPs), security baselines, risk assessments and Plan of Action and Milestones (POA&Ms).
Ensure that systems comply with Federal requirements and government baselines, in accordance with NA-IM cybersecurity policies.
Provide ISSO support for NA-IM in Information Assurance activities.
Utilize implemented tools and monitoring capabilities to support continuous authorization and interpret data to identify changes to a system, vulnerabilities, configuration, and implemented security controls.
Carry out activities at the organization, mission, business process, and information system levels of the enterprise to help prepare NNSA-OCIO to manage its security and privacy risks using RMF.
Determine and assign ISSO resources; establish and document organizationally tailored control baselines; identify, document, and publish organization-wide common controls for inheritance.
Utilize tools to continuously monitor control effectiveness; identify and document assets requiring protection; conduct system-level risk assessments and update results on an ongoing basis.
Define and document security and privacy requirements for the system and environment of operation; determine placement of the system within the enterprise architecture; categorize the information system using FIPS 199 and NIST 800-60 and document results in the Security Plan.
Provide a written subsection of the System Security Plan covering FIPS 199 Standards for Security Categorization; describe the system and environment; document the System Definition in the Security Plan.
Ensure all information systems are designed, implemented, and operated securely through agile cybersecurity authorization with collaboration from system administrators or developers through development, testing, and implementation phases.
Register the information system with appropriate program/management offices; establish and maintain security controls per NIST 800-53, CNSSI 1253, and other requirements; document controls and their implementation in security plans.
Work with system owners to ensure security and privacy requirements are satisfied; implement Enterprise or Site Common Controls for inheritance; assess selected security controls for IT and OT to ensure proper operation within risk boundaries.
Develop and submit plans to assess implemented controls; perform assessments per the plan; provide a Security Assessment Report (SAR) to the System Owner, ISSO, ISSM, AODR and AO; document compliance results and risks in the SAR and eGRC tool.
Develop and track Plans of Action and Milestones (POA&Ms) for failed controls; provide data call responses and evidence gathering; support internal and external assessments and audits.
Collaborate with internal and external partners; maintain relationships with Cyber Operations, IT Operations, Mission Integration, Security Operations Center, other NNSA entities and other Government Agencies; regularly audit security measures for effectiveness and compliance.
Communicate with IA Federal personnel to identify non-compliance and establish timely corrective actions; keep program documents up to date (examples include NA-IM Enterprise Cybersecurity Program Plan, Enterprise Cybersecurity Improvement Plan, NNSA Cybersecurity Threat and Risk Statement).
Support governance-type program and policy documents to implement DOE/NNSA and federal requirements; review legislation and directives for potential impacts and recommend policy changes.
ISSM, AODR, and Program Management requirements: ensure timely and accurate completion of authorization activities (ISSPs, risk assessments, security baselines, etc.) for initial and re-authorization; manage risk boundaries and transparency; onboard and terminate contractor personnel; ensure deliverables meet Enterprise Cybersecurity Program requirements and TPOC standards; provide strategic support at meetings and briefings.
Work with NA-IM and NNSA contractors; ensure CSSP-related responsibilities include CSSP certification, using Evaluator Scoring Metrics, vulnerability management reporting, policy maintenance, site operations alignment, and interactions with IARC NOC/SOC for boundary monitoring and incident response.
Required Degree/Education/Certification
Technical assessors must be certified at minimum per Cyber Security Service Provider Auditor (IAT III) within six months of assignment.
Programmatic assessors must be certified to Information Assurance Manager II and III within six months of assignment.
Must meet certification requirements IAW DCWF DoDD 8140, NNSA, or equivalent training and experience.
Required Skills and Experience
Must have experience supporting a cybersecurity compliance program for a Federal or DoD customer.
Required Citizenship and Clearance
Must be a Born or Naturalized U.S. Citizen. Green Card or Visa holders are not eligible for this work effort.
Top Secret and/or Q Clearance is required.
The Alaka`ina Foundation Family of Companies (FOCs) is a fast-growing government service provider. Employees enjoy competitive salaries plus a benefits package including 401K with company match; medical, dental, disability, and life insurance; tuition reimbursement; paid time off; and 11 paid holidays.
We are an Equal Opportunity/Affirmative Action Employer of individuals with disabilities and veterans. If you are a person with a disability and need an accommodation during the application process, please click here to request accommodation. We E-Verify all employees.
Equal Opportunity Employer, including Disability/Veterans.
The Alaka`ina Foundation Family of Companies (FOCs) is comprised of industry-recognized government service firms designated as Native Hawaiian Organization (NHO)-owned and 8(a) certified businesses. The Family of Companies includes Ke`aki Technologies, Laulima Government Solutions, Kūpono Government Services, Kapili Services, Po`okela Solutions, Kīkaha Solutions, LLC, and Pololei Solutions, LLC. Alaka`ina Foundation activities principally benefit the youth of Hawaii through charitable efforts including innovative educational programs in leadership, science & technology, and environmental stewardship.
For additional information, please visit www.alakainafoundation.com