- Ensure all users have the requisite security clearances and need-to-know, complete annual cybersecurity training, and are aware of their responsibilities before being granted access to the IT.
- Maintain all authorized user access control documentation IAW the applicable AF Records Information Management System (AFRIMS).
- Ensure software, hardware, and firmware complies with appropriate security configuration guidelines (e.g., Security Technical Implementation Guides (STIGs)/Security Requirement Guides (SRG)).
- Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Coordinate changes or modifications with the system level ISSM and SCA.
- Initiate protective or corrective measures, in coordination with the security manager, when a security incident or vulnerability is discovered.
- Report security incidents or vulnerabilities to the system-level ISSM.
- Analyze information assurance-related technical problems and provide engineering and technical support in solving these problems.
- Perform vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle. Provide technical support to the IA Cell to develop and maintain IA processes and procedures for computer network defense-in-depth protection for the enterprise.
- Track all implementation information for assurance directed guidelines for all hardware as well as applicable software ensuring proper security for the Enterprise.
- Provide tracking and summary reports based on findings to leadership. Implementation actions include but are not limited to STIGs, compliant patch implementation/management, Information Assurance Vulnerability Management (IAVM) compliance, integration/ implementation of network or firewall approved devices, and react appropriately to cyber threats.
- Produce monthly status reports of IA compliance for all portions of the Enterprise.
- Run IA scans with appropriate and approved tools (e.g. Security Content Automation Protocol (SCAP), Assured Compliance Assessment Solution (ACAS), etc.) of all items as directed. Scans shall be run using the most recent security definitions of each tool.
- The contractor shall maintain CCB-approved configurations consistent with DoD policies and procedures.
- Update, document, and maintain appropriate IA implementation actions in the Vulnerability Management System (VMS) database and any additional database archives mandated.
- Support and perform DoD Risk Management Framework in accordance with NIST 800- 53 and NIST 800-53A for IA controls; 8570/8140 for IA Workforce training and DCID 6/3 for protection of sensitive compartmented information. This also includes the updates to the Risk Management Framework (RMF) package and all updated instructions which support the Assess and Authorize (A&A) process.
- Interpret and communicate findings to the JNOC, IA cell and JCSE leadership for the impact of implementing of IA hardware/software upgrades/modifications, policy, and directives to Enterprise.
- The contractor shall document and present operational systems/network computer network defense recommendations and issues.
- Must have a DoD 8570 IAM Level I Certification
- Must have documented experience with Risk Management Framework (RMF).
- Must have knowledge of DISA STIG implementation, vulnerability scanning, and mitigation.
- Must have documented experience with the following tools: ACAS, Nessus, SCAP compliant tools.
- Must have experience with the development of System Security Plans.
- Must have at least 2 years of experience with Associates Degree or 5 years of direct work experience.
- Must be a US Citizen.
- Top Secret w/SCI Eligibility.
United One Communications (UOC) is an 8(a) Small Business Administration (SBA) Certified, Historically Underutilized Business Zone (HUBZone), Native American Owned Small Business headquartered in Tampa, Florida and is currently among the leading Information Technology solution providers in the United States.
United One Communications is a global systems integrator that provides a comprehensive range of communications, enterprise information technologies, and cybersecurity solutions for government and commercial customers worldwide.
At United One Communications we work with our customers to develop multifaceted solutions integrating strategy, innovation, analytics, and process improvements. Our team ensures successful implementation of best practice solutions while minimizing disruption and maximizing the return on investment for our customers. We adhere to holistic, process-driven business practices, transparency with our partners, and the delivery of cost-effective results for our customers.
Integrity, Trust, Teamwork, Innovation, and Customer Satisfaction
Our primary goal is to achieve the ultimate satisfaction of our customers and pave their way to success. This result driven philosophy is reflected in every aspect of our solution approach from the software, we select our implementation and change management strategies.
The executive management team at United One Communications has worked with government and commercial customers across different business units extensively, delivering highly successful IT initiatives. This level of commitment carries over to everything we do from focusing on our customers to creating a collegial work environment for our employees. It is this self-reinforcing culture of quality that enabled United One Communications to build such a remarkable track record of success with all our customers.
Role: Information Systems Security Officer
Apply for this job now.