Support will include working with USCENTCOM J3, U.S. Air Force Life Cycle Management Command (AFLCMC/HB) and USCENTCOM Area of Responsibility (AOR) Partner-Nations to provide advisory support in the development and submission of Risk Management Framework documentation and accreditation artifacts; additionally, billet will support Partner-Nation Cybersecurity Risk Review (PNCRR) packages and any risk related assessments or other capabilities supporting AFLCMC/HB’s Partner-Cybersecurity and C4 systems, architectures and processes.
Successful candidate is responsible for supporting and coordination between U.S. and Coalition Partner-Nations, including but not limited to:
- Travel infrequently (+10-25%) to CONUS military bases (including Hanscom AFB) and OCONUS locations within USCENTCOM AOR (including but not limited to Qatar, Bahrain, UAE, Saudi Arabia, Kuwait, Egypt) and other locations, as necessary, for coordination, collaboration or to satisfy job duties.
- Provide advisory support to AFLCMC/HB programs as a Cybersecurity Subject Matter Expert (SME) at USCENTCOM J3/J6 and Partner-Nations, as required.
- Support development, submission, tracking and reporting of AFLCMC/HB RMF, PNCRR or other Cybersecurity related packages or documentation.
- Support Risk Assessment requirements for new AFLCMC/HB capabilities supporting Partner-Nations.
- Advise AFLCMC/HB of changes to USCENTCOM policies regarding partner nations and status of AFLCMC/HB’s RMF, PNCRR or other Cybersecurity related packages or documentation being processed
- Serve as USCENTCOM J3/J6 representative during interoperability discussions, engagements, meetings or other with U.S. and Partner-Nation stakeholders regarding AFLCMC/HB programs.
- Serve as USCENTCOM J3/J6 representative to maintain regular communications with applicable agencies, organizations or stakeholders during risk assessment review of AFLCMC/HB PNCRR documentation packages
- Participate as a member of integrated government/contractor teams of technical and functional experts.
- Provide Analytical support will include research and development of IA/CND concepts, policies, and strategies, particularly within the national security framework.
- Review and provide recommendations for process improvements to improve execution and compliance with Cross Domain Solution (CDS) management. Participates in CDS related workshops, meetings, and conferences including but not limited to Defense IA/Security Accreditation Working Group (DSAWG), Cross Domain Technical Advisory Board (CDTAB)/Cross Domain Solutions Assessment Panel (CDSAP) and others as required.
- Engage with technical experts within USCENTCOM and coordinate with Unified Cross Domain Services Management Office (UCDSMO), Department of Defense (DoD), National Security Agency (NSA), Intelligence Community (IC) Agencies, Cross Domain Solution vendors, and the Cross Domain Solution user community to identify and solve information sharing and security challenges.
- Billet requires candidate to be deployment capable as position may require short deployments to the USCENTCOM AOR.
- Bachelor's Degree in technical discipline or equivalent and 5+ years related experience; OR, High School equivalent and 9+ years of experience.
- Active Top Secret/SCI clearance is required.
- Must meet DoD 8570.01-M minimum of IAT Level II Certification (i.e. Security +).
- 5+ Years of experience producing and maintaining DoD Certification & Accreditation Packages (DIACAP) or RMF package development and submission.
- 5+ Years of experience understanding and implementing DoD, DISA, Joint Staff, CNSSI and NIST cybersecurity instructions, publications and policies.
- 5+ Years of experience in understanding and validating DISA Security Technical Implementation Guides (STIGs); DISA Security Requirements Guides (SRGs), National Security Agency Security Configuration Guides.
- 5+ Years of experience in understanding and validating NIST 800-53 Security Controls; CNSSI 1253 Security Controls and Overlays.
- 1+ Years of experience with Enterprise Mission Assurance Support Service (eMASS).
- Have detailed understanding and experience in Risk Management Framework for DoD Information Technology (RMF for DoD IT).
- Duties include knowledge and experience in Cybersecurity vulnerability scanning and auditing; incident handling and response specifically targeted towards computer incident response and restoration of a secure operating environment; candidate must be familiar with investigation of intrusion events and attempts and analysis of exploits.
- Demonstrated knowledge of Cyber Security and enterprise cyber security solutions.
- Reviewing, validating, and prioritizing cross domain requirements.
- Ability to draft Cross Domain Solution Security Test and Evaluation (ST&E) Plans and Procedures.
- Have knowledge on the access to information regarding cross domain requirements, implementations, installations, and configurations within the organization.
- Ability to coordinate all pertinent cross domain issues with the Unified Cross Domain Management Office.
- Provide coordination and support for the organizations cross domain related risk management framework activities.
- Have knowledge of the available cross domain solution capabilities provided by Enterprise Services (ES) and the Unified Cross Domain Management Office Cross Domain baseline list.
- Ensuring that new cross domain developments are fully coordinated with the Unified Cross Domain Management Office; are in line with the goals and objectives of the Cross Domain Community Roadmap and; fill identified capability gaps.
- Must be able to work independently and have briefing, writing and customer interface skills.
- Experience with Assured Compliance Assessment Solution (ACAS/NESSUS), eEye Retina, DISA Security Content Automation Protocol (SCAP), Host Based Security System (HBSS); Vulnerability Management System (VMS); Continuous Monitoring and Risk Scoring (CMRS) cybersecurity applications and tools.
- Experience briefing senior military and civil service employees.
- Must have a valid US Passport and be deployment capable as position may require short deployments to the USCENTCOM Area of Operation.
- Be familiar with the Cross Domain Solution Phases connection process.
- Be familiar with the Joint Vulnerability Assessment Process (JVAP).
- Be familiar with the SIPRNet Global Information Grid (GIG) Interconnection Approval Process System (SNAP) Database.
SAIC is a premier technology integrator solving our nation's modernization and readiness challenges. Our offerings across defense, space, civilian, and intelligence markets include high-end solutions in engineering, IT, and mission outcomes. We integrate the best components from our portfolio with our partner's ecosystem to deliver innovative and effective solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, VA, SAIC has annual revenues of nearly $7.1 billion. For information, visit saic.com or Working at SAIC for benefits details. SAIC is an Equal Opportunity Employer empowering people no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or veteran status. We strive to create a diverse, inclusive and respectful work culture that values all.