Cybersecurity Subject Matter Experts

Overview

Global in service but local in approach, the Nisga'a Tek team is committed to high-quality service to honor those who defend us. Nisga'a Tek's work ensures mission assurance and execution for customers and warfighters.

Summary:

We are looking for Cybersecurity Subject Matter Experts (SME). This position works directly for the Pacific Aire Forces (PACAF) Defensive Cyber Operations and Mission Assurance Branch but works with various PACAF AOR personnel. This position will Deliver Cybersecurity and RMF/Federal Info System Management Act (FISMA) support to PACAF mission owners; distributing current policy and provide guidance, and mentorship to the cyber forces to ensure compliance.

Responsibilities

Essential Job Functions:

• Assist PACAF MOBs & GSUs improve & maintain implementation of congressional FISMA, DoD, and AF cybersecurity directives.
• Conduct (on-site and/or virtual) A&A validation and reviews, using National/DoD/AF standards (e.g., DISA Security Technical Implementation Guides (STIGs), National Institute of Standards and Technology (NIST) SP 800-12).
• Collect and develop A&A artifacts in accordance with AO Office.
• Assisting MOBs and GSUs maintain and sustain A&A packages, including tracking/updating A&A documents/products in the following databases:
  • Connection Approval Process (CAP) for SNAP
  • GIAP circuit management tools
  • eMASS and ITIPS
  • Continuous Monitoring Risk Scoring (CMRS) efforts
• Assist MOB and GSUs create and maintain comprehensive RMF products for the theater circuits/enclaves via eMASS as required. Products must include all requirements IAW applicable DoD and AF Instructions.
• Assist the Government in the creation, consultation, revision, finalization, submission of the deliverables for RMF to include but not limited to the following:
  • System Security Plan
  • Ports Protocol Services Matrix (enclave)
  • Artifacts for control validation (STIG results, Policies, Scans, Charters, etc., unit provided)
  • Plan of Actions and Milestones (POAMs)
  • System Topology
• Provide up-dates through AF central FISMA database repository, ITIPS.
• Ensure A&A data are synchronized across AF and DISA repositories (eMASS, ITIPS, SNAP, and GIAP).
• Assist processing circuit connection requests for all the main bases through SIPRNet Global Information Grid (GIG) Interconnection Approval Process (GIAP) System (SGS) and the NIPRNet SNAP.
• Prepare and mentor NAF, Wing, and cybersecurity forces through the CRR-M program.
• Train and assist PACAF MOBs & GSUs personnel in the use of DoD security technical implementation tools and technology to maintain & improve cyber readiness.
• Consult to resolve any issues with DoD required vulnerability scanning tools, including system credentials, access control list, and identified network assets.
• Consult to resolve any issues with DoD required endpoint security solutions for all host devices in the network enclaves.
• Assist and prepare PACAF Wings for CCRIs & CCORIs on NIPRNet, SIPRNet and supported information systems.
• Create CCRI and CCORI scores and Risk Assessment Report for the MOBs & GSUs using DISA CCRI Scoring and Risk Assessment tools.
• Provide recommendations for mitigations & follow-on actions to include POAMs.

#CJ

Qualifications

Necessary Skills and Knowledge:

• Ability to deliver Cybersecurity and RMF/FISMA support to mission owners; distributing current policy and provide guidance, and mentorship to the cyber forces.
• Knowledge of congressional FISMA, DoD, and AF cybersecurity directives.
• In-depth experience conducting (on-site and/or virtual) A&A validation and reviews, using National/DoD/AF standards (e.g., DISA STIGs, NIST SP 800-12).
• In-depth experience collecting and developing A&A artifacts.
• Ability to maintain and sustain A&A packages, including tracking/updating A&A documents/products in the following databases:
• CAP for SNAP
• GIAP circuit management tools
• eMASS and ITIPS
• CMRS efforts
• Proficiency in creating and maintaining RMF products for the theater circuits/enclaves via eMASS.
• Experience in creating, consulting, revising, finalizing, submitting RMF deliverables.
• Ability to provide up-dates through AF central FISMA database repository, ITIPS.
• In-depth experience ensuring A&A data is synchronized across AF and DISA repositories.
• Knowledge of processing circuit connection requests through SGS and SNAP.
• In-depth experience in mentoring.
• Ability to train and assist personnel with DoD cyber security tools and technology.
• Knowledge of how to resolve issues with DoD vulnerability scanning tools, including system credentials, access control list, and identified network assets.
• Knowledge of how to resolve issues with DoD required endpoint security solutions for all host devices in the network enclaves.
• In-depth experience preparing Wings for CCRIs & CCORIs on NIPRNet, SIPRNet and supported information systems.
• In-depth experience with CCRI and CCORI scores and Risk Assessment Report for the MOBs & GSUs using DISA CCRI Scoring and Risk Assessment tools.
• Ability to provide recommendations for mitigations & follow-on actions to include POAMs.

Minimum Qualifications:

• 2-3 years of experience and the skills required to execute Federal, National, DoD, USAF CIO, and US State Department Requirements to be able to assess cyber risk, identify mission sets, and defend the mission.
• 2-3 years of experience of applying, assessing, and advising MAJCOM staff and Wings on cybersecurity requirements.
• DoD 8570.1-M certified at Information Assurance Technical (IAT) Level 3 - Anyone (1) of the following:
• CompTIA Advanced Security Practitioner Continuing Education (CASP CE)
• Cisco Certified Network Professional-Security (CCNP-Security)​
• Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP) (or Associate - this means the individual has qualified for the certification except for the number of years’ experience)
• Global Information Assurance Certification (GIAC) Certified Enterprise Defender (GCED)
• GIAC Certified Incident Handler (GCIH)
• Certified Cloud Security Professional (CCSP)
• Certificates of completion for the following training
• Level 1 Anti-Terrorist Training - within the past year
• USFK Training - no time requirement (only required to be taken once)
• DoD Cyber Awareness Challenge - within the past year
• Operations Security (OPSEC) Awareness - within the past year
• Derivative Classification IF103.16 - within the past year
• Force Protection - within the past year
• Top Secret (TS) / Sensitive Compartmented Information (SCI) security clearance
• Ability to travel to PACAF MOBs and GSUs to conduct duties and responsibilities.
  • At a minimum up to 40% of the time.

Preferred Qualifications:

• Bachelor’s degree in related field.
• Level A Survival, Evasion, Resistance, and Escape (SERE) Training - within the past 1-2 years

The pay range for this position is $140,000.00 - $165,000.00 annually. 

Pay and Benefits

At Goldbelt, we value and reward our team's dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, you'll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.