• Supporting the system/application authorization and accreditation (A&A) effort, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing DoD and Air Force policies (i.e., Risk Management Framework (RMF).
• Recommending policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data.
• Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
• Promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations’ visions and goals.
• Conducting systems security evaluations, audits, and reviews.
• Recommending systems security contingency plans and disaster recovery procedures.
• Recommending and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures.
• Participating in network and systems design to ensure implementation of appropriate systems security policies.
• Facilitating the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes.
• Assessing security events to determine impact and implementing corrective actions.
• Ensuring the rigorous application of information security/cybersecurity policies, principles, and practices in the delivery of all IT services.
• Perform as or support the Information System Security Engineer (ISSE) in an Information Assurance Workforce System Architecture and Engineering (IASAE) position as outlined in AFI 33-200, AFI 33-210 and AFMAN 33-285 for assigned systems.
• Perform as or support the Information System Security Officer (ISSO) duties as outlined in DoDI 8510.01 for assigned systems/applications.
•Role: ISSE (IASAE Level II) — 8570 Baseline Certs: CASP+ CE, CISSP (or Associate), CSSLP
• Role: ISSO (IAM Level II) — 8570 Baseline Certs: CAP, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO
• Familiar with Enterprise Mission Assurance Support Service (eMASS)
• Familiarity with Cloud Enterprise applications
• Desired – Experience supporting DoD acquisition and/or fielding programs.
• 5-10 yrs years of experience (Note – Certifications are more important than yrs. of experience).