Nisga'a CIOPS, LLC
Overview
Nisga'a CIOPS provides hands-on experienced services to civilian and DoD programs worldwide. Delivering highly skilled, cleared personnel who provide services on five continents for a portfolio of customers. Summary: We are looking for Theater Vulnerability Analyst. This position works directly for the Pacific Air Forces (PACAF) Defensive Cyber Operations and Mission Assurance Branch but works with various PACAF AOR personnel to execute the following duties and responsibilities. The position shall provide expert support, analysis and research into exceptionally complex problems, and processes relating to PACAF Theater Vulnerability Management. Responsibilities
Essential Job Functions: Analyzes PACAF AOR cyber security posture reports Provides PACAF cyber units expertise and fix action guidance Interfaces with base cyber units and provides PACAF leadership a depiction of PACAF Wings ability to: Scan Assured Compliance Assessment Solution (ACAS) Mitigate (via MS System Center Configuration Management (SCCM)/MS Endpoint Configuration Manager (MECM)) Maintain Host Based point products mandated by the DoD (End Point Security formerly known as HBSS) Maintains proficiency on current and future End Point Security assessment tools Assists PACAF cyber field support team with Vulnerability Management (VM) Provide and/or coordinate vulnerability mentor training (virtual or on-site) to PACAF bases as requested Creates and maintains cyber security/VM management training documentation Interfaces with cyber security technicians/ISSMs to maintain up-to-date reporting to keep PACAF compliant Maintains command wide SCCM & MECM health status Coordinate with Vulnerability Management teams upon scan result analysis Identify patching issues/troubleshooting way ahead Produce report to chain of command informing of patching status Analyzes & produces command wide NIPRNet & SIPRNet weighted vulnerability indicator scores Produces & disseminates cyber security/vulnerability reports to PACAF staff containing current MAJCOM security posture Utilizes CCRI reports from the DISA J3 website on SIPRNet to advise PACAF Cybersecurity staff of findings and level of risk Assists with cyber operations briefs by preparing and briefing command-wide statuses to the PACAF Director of Air and Cyberspace Operations Creates and conducts PACAF compliance update briefs on command wide cyber security status and assists with troubleshooting cyber security short falls Assists with creating TASKORDs to raise PACAF cyber security posture Tracks status of VM POAMs until completion and reports at risk POAMs to PACAF leadership Augments CRR-M team as required Maintain Internet Protocol (IP) space and asset lists to cover 100% base assets. Maintain MAJCOM ACAS Account with auditing role in order to analyze and produce vulnerability metrics. Maintain SIPRNet PROD Account in order to provide command wide SCCM/MECM patching analysis on SIPRNet. Maintain ELICSAR Account for situational awareness of cybersecurity toolsets used in PACAF. Maintain AFNET Compliance Tracker Account in order to maintain situational awareness of CTOs, MTOs, TCNOs pertaining to vulnerability management Provides Government Representative Contract Personnel Roster Updates to contractor availability Contract Invoices & Funding Expenses Monthly Status Report (MSR) Contractor's Non-Disclosure Agreements (NDA) Kick-Off Brief & Close-Out Brief Transition Brief Assistance with processing contractors travel requirements Track contract Labor/Events/Workload/Travel schedule & expenses Metrics of Program for Yearly Closeout Provides Cybersecurity SME contractors assistance with: Common access Card (CAC) ID processing and renewals Building Badge processing and renewals DD254 TS/SCI processing and renewals Synchronized Pre-deployment and Operational Tracker (SPOT) processing Financial preparation Letters of Identification Travel Estimates/Schedule Ensure all contractors follow all applicable commercial, and government/military standards which include, but are not limited to the following: Department of Defense Instruction 8500.01, Cybersecurity Department of Defense Instruction 8510.01, RMF for DoD Systems Committee on National Security Systems Instruction 1253, Security Categorization and Control Selection for National Security Systems National Institute of Standards and Technology Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations National Institute of Standards and Technology Special Publication 800-53A, Guide for Assessing the Security Controls in Federal Information Systems and Organizations: Building Effective Security Assessment Plans National Institute of Standards and Technology Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View National Institute of Standards and Technology Special Publication 800-30, Guide for Conducting Risk Assessments All applicable DISA STIGs and Security Review Guides (SRGs) Air Force Instruction (AFI), 17-130 Cyber Security Program Management AFI 17-101, RMF for Air Force Information Technology (IT) AFI 17-110, Information Technology Portfolio Management and Capital Planning and Investment Control National Institute of Standards and Technology Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View National Institute of Standards and Technology Special Publication 800-30, Guide for Conducting Risk Assessments All applicable DISA STIGs and Security Review Guides (SRGs) Air Force Instruction (AFI), 17-130 Cyber Security Program Management AFI 17-101, RMF for Air Force Information Technology (IT) AFI 17-110, Information Technology Portfolio Management and Capital Planning and Investment Control #CJ
#J-18808-Ljbffr
Nisga'a CIOPS provides hands-on experienced services to civilian and DoD programs worldwide. Delivering highly skilled, cleared personnel who provide services on five continents for a portfolio of customers. Summary: We are looking for Theater Vulnerability Analyst. This position works directly for the Pacific Air Forces (PACAF) Defensive Cyber Operations and Mission Assurance Branch but works with various PACAF AOR personnel to execute the following duties and responsibilities. The position shall provide expert support, analysis and research into exceptionally complex problems, and processes relating to PACAF Theater Vulnerability Management. Responsibilities
Essential Job Functions: Analyzes PACAF AOR cyber security posture reports Provides PACAF cyber units expertise and fix action guidance Interfaces with base cyber units and provides PACAF leadership a depiction of PACAF Wings ability to: Scan Assured Compliance Assessment Solution (ACAS) Mitigate (via MS System Center Configuration Management (SCCM)/MS Endpoint Configuration Manager (MECM)) Maintain Host Based point products mandated by the DoD (End Point Security formerly known as HBSS) Maintains proficiency on current and future End Point Security assessment tools Assists PACAF cyber field support team with Vulnerability Management (VM) Provide and/or coordinate vulnerability mentor training (virtual or on-site) to PACAF bases as requested Creates and maintains cyber security/VM management training documentation Interfaces with cyber security technicians/ISSMs to maintain up-to-date reporting to keep PACAF compliant Maintains command wide SCCM & MECM health status Coordinate with Vulnerability Management teams upon scan result analysis Identify patching issues/troubleshooting way ahead Produce report to chain of command informing of patching status Analyzes & produces command wide NIPRNet & SIPRNet weighted vulnerability indicator scores Produces & disseminates cyber security/vulnerability reports to PACAF staff containing current MAJCOM security posture Utilizes CCRI reports from the DISA J3 website on SIPRNet to advise PACAF Cybersecurity staff of findings and level of risk Assists with cyber operations briefs by preparing and briefing command-wide statuses to the PACAF Director of Air and Cyberspace Operations Creates and conducts PACAF compliance update briefs on command wide cyber security status and assists with troubleshooting cyber security short falls Assists with creating TASKORDs to raise PACAF cyber security posture Tracks status of VM POAMs until completion and reports at risk POAMs to PACAF leadership Augments CRR-M team as required Maintain Internet Protocol (IP) space and asset lists to cover 100% base assets. Maintain MAJCOM ACAS Account with auditing role in order to analyze and produce vulnerability metrics. Maintain SIPRNet PROD Account in order to provide command wide SCCM/MECM patching analysis on SIPRNet. Maintain ELICSAR Account for situational awareness of cybersecurity toolsets used in PACAF. Maintain AFNET Compliance Tracker Account in order to maintain situational awareness of CTOs, MTOs, TCNOs pertaining to vulnerability management Provides Government Representative Contract Personnel Roster Updates to contractor availability Contract Invoices & Funding Expenses Monthly Status Report (MSR) Contractor's Non-Disclosure Agreements (NDA) Kick-Off Brief & Close-Out Brief Transition Brief Assistance with processing contractors travel requirements Track contract Labor/Events/Workload/Travel schedule & expenses Metrics of Program for Yearly Closeout Provides Cybersecurity SME contractors assistance with: Common access Card (CAC) ID processing and renewals Building Badge processing and renewals DD254 TS/SCI processing and renewals Synchronized Pre-deployment and Operational Tracker (SPOT) processing Financial preparation Letters of Identification Travel Estimates/Schedule Ensure all contractors follow all applicable commercial, and government/military standards which include, but are not limited to the following: Department of Defense Instruction 8500.01, Cybersecurity Department of Defense Instruction 8510.01, RMF for DoD Systems Committee on National Security Systems Instruction 1253, Security Categorization and Control Selection for National Security Systems National Institute of Standards and Technology Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations National Institute of Standards and Technology Special Publication 800-53A, Guide for Assessing the Security Controls in Federal Information Systems and Organizations: Building Effective Security Assessment Plans National Institute of Standards and Technology Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View National Institute of Standards and Technology Special Publication 800-30, Guide for Conducting Risk Assessments All applicable DISA STIGs and Security Review Guides (SRGs) Air Force Instruction (AFI), 17-130 Cyber Security Program Management AFI 17-101, RMF for Air Force Information Technology (IT) AFI 17-110, Information Technology Portfolio Management and Capital Planning and Investment Control National Institute of Standards and Technology Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View National Institute of Standards and Technology Special Publication 800-30, Guide for Conducting Risk Assessments All applicable DISA STIGs and Security Review Guides (SRGs) Air Force Instruction (AFI), 17-130 Cyber Security Program Management AFI 17-101, RMF for Air Force Information Technology (IT) AFI 17-110, Information Technology Portfolio Management and Capital Planning and Investment Control #CJ
#J-18808-Ljbffr