- CAP
- CASP+ CE
- CISM
- CISSP (or Associate)
- GSLC
- CCISO
- DoD 8570.1 IAM-Level II certification (e.g., CAP, CASP CE, CISSP, GSLC, CISM)
- 3 years of System Security engineering experience in conducting Information System Security assessments; evaluating IA and Cybersecurity security controls; and conducting and supporting RMF activities in Steps 1–5.
- Strong working knowledge of S/SAP enclave accreditation and ACAS operations
- Strong working knowledge of RMF, Defense Information Assurance Certification and Accreditation Process (DIACAP), and Joint Special Access Program (SAP) Implementation Guide (JSIG)
- DoD 8570.1 IAM-Level III certification (e.g., CISSP)
- Bachelor’s degree in Information Systems management, computer science, electrical engineer, or computer engineering.
- Waiver of individual experience/qualification requirements will be addressed on a case-by-case basis.
- Provide expertise in information and computer System Security.
- Plan, manage, and execute accreditation efforts as directed by the USAF WPNS. These efforts include, but are not limited to:
- Authorization packages to obtain Authorizations to Operate and Connect, preparation of information and artifacts for IATT/ATO/ATC submission, management of risk and conducting risk assessments, conducting annual security reviews and scans, and reporting security posture of all networks and Information System enclaves within the WPNS, and enterprise-level information assurance efforts to maximize efficiency across the WPNS effort.
- Ensure WPNS systems are in compliance with the requirements of the Risk Management Framework (RMF), National Institute of Standards and Technology Special Publications (NIST SP), Federal Information Processing Standards Publication (FIPS), and AFI 17-101.
- Generate and maintain System Security Plans (SSPs), support Continuous Monitoring (CM), and create Plans of Action and Milestones (POA&M) for non-compliant and non-applicable controls.
- Schedule and conduct ACAS scans, perform and document initial training for all personnel requiring access to any classified IS, ensure Configuration Management (CM) of each IS.
- Track accreditation/cybersecurity status for all persistent system connections (external and internal), ensure the interconnection of external sites/units across various networks for regular training, ensure networks are installed and operated in accordance will established directives, and support maintenance of network Interconnection Security Agreements (ISA) with external sites.
-----------------------------------------------------------------------------------------------------