Overview:
JHNA Technology Security is currently seeking an Information System Security Specialist III to support a potential government customer at Naval Surface Warfare Center, Philadelphia Division, in either JHNA's Maryland location or on the Government site in Philadelphia, PA.
This is a contingent position being filled during the request for proposal period. The work location depends on the candidate's preference for hours and facility; either is acceptable.
The Naval Surface Warfare Center Philadelphia Division (NSWCPD) is a Department of Defense research and development, test and evaluation, engineering, and fleet support organization for the Navy's ships, submarines, military watercraft, and unmanned vehicles. This requirement is for NSWCPD Department 40, which is responsible for Propulsion, Power & Auxiliary Machinery Systems. The Statement of Work is for the development, monitoring, and execution of the Cybersecurity Program in support of Propulsion, Power and Auxiliary Machinery Systems at Naval Surface Warfare Center, Philadelphia, PA, which includes Risk Management Framework (RMF) services. The effort includes cybersecurity policy; reviewing Authorization & Assessment (A&A) artifacts; performing A&A validation; implementing security postures; providing subject matter expertise in cybersecurity life cycle management; and coordinating, implementing, and sustaining A&A.
Roles/Responsibilities:
- Collect and collate system or site information and use it to evaluate and document in Enterprise Mission Assurance Support Service (eMASS) the security posture of the Propulsion, Power, & Auxiliary Machinery systems and subsystems being assessed, authorized, and maintained.
- Review security assessment plans, test plans, and procedures to ensure they address the correct level of effort and are sufficiently comprehensive to assess that all Information Assurance (IA) requirements applicable to the system or site, for assessment, authorization, and maintenance, have been met.
- Optimize A&A and AO testing procedures to ensure the most accurate reporting in the appropriate format and that all IA requirements have been addressed. Evaluate all discrepancies and recommend potential mitigation measures for reducing or eliminating specific risks.
- Conduct risk and vulnerability assessments of planned and installed systems to identify vulnerabilities, risks, and protection needs; conduct systems security evaluations, audits, and reviews; determine the residual risk of a package based on package content and assessment results, and document it for the Security Controls Assessor's (SCA) and higher-level review.
- Conduct systems security reviews, audits, or evaluations, as appropriate, to ensure accreditation documents are accurate and represent the current risk posture of the system.
- Work with the Information System Owner/ISSO/System Administrators equivalent to NSWCPD's Information System Security Officer (ISSO) to determine applicable fixes and/or mitigation for weaknesses and to determine the adequate level of residual risk.
- Perform analysis of logs, events, and reporting of various data collection tools, including vulnerability monitoring via Assured Compliance Assessment System (ACAS) and related tools, Host Based Security System (HBSS), web content filters, Security Information and Event Management (SIEM), firewall systems, network devices, server devices, workstations, and intrusion detection and prevention systems (ID/PS).
- Assess impacts from observed risks and report via the Cybersecurity Program chain of command.
- Perform the evaluation of system administrator, security engineer, and/or system owner proposed corrections to ensure compliance and best-fit solution.
- Present and submit data to management, develop reports, and produce procedural documentation in a comprehensive and cohesive manner.
- Perform remediation, patching, scanning and associated boundary maintenance risk management and security engineering for RMF Afloat systems.
- Develop all required eMASS documents, to include Plans of Action and Milestones (POA&Ms), Risk Assessment Reports (RARs), and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs); products shall be created in the appropriate software (e.g., Microsoft Visio, scanning software, eMASS, DISA STIG Viewer, etc.).
- Determine a system's compliance with all applicable Controls and Assessment Procedures (APs) for an assigned DoN system, including developing the appropriate test procedures, if necessary; executing the test procedures; and accurately documenting the results of security testing. The analysts shall update the eMASS record for the assigned system(s).
- Document residual risks in a POA&M formatted in compliance with the current package system, currently eMASS.
- Maintain current vulnerability scan data and the residual-risk POA&M in Vulnerability Remediation Asset Manager (VRAM).
- Track deliverables and action items in accordance with A&A guidance.
- Manage, attend, and support configuration control board practices.
- Ensure RMF artifacts are in compliance with published Navy, NAVSEA Business Rules (OPNAV N2N6 and/or NAVSEA), NIST SP-800-37 and SP-800-53 Rev 4. In addition, local NSWCPD policies and procedures may apply. Command Information System Security Manager (ISSM) will resolve any conflicting interpretations.
- Create and verify the accuracy of POA&Ms/RARs as identified by actual vulnerability test results.
Qualifications Required:
- Must have a bachelor's degree in a technical discipline.
- Must have at least five (5) years of professional experience performing analysis of logs and events and of various data collection tools, as well as experience automating processes through scripting, assessing impacts from observed risks, and presenting the findings through the chain of command.
- Must have an active Secret clearance.
- Must have a minimum of one (1) of the following certifications: Certified Analytics Professional (CAP) certification; CompTIA Advanced Security Practitioner (CASP+CE) certification; Certified Information Security Manager (CISM) certification; Certified Information Systems Security Professional (CISSP) certification; GIAC Security Leadership (GSLC) certification; Certified Chief Information Security Officer (CCISO) certification.
- Must have experience with the following software: eMASS, VRAM, ACAS.