Lead Computer Security Specialist III (Terminal)
Work starting January 2025
Kingfisher Systems, Inc. (Kingfisher) specializes in providing a full range of Information Technology, Cybersecurity, Intelligence, and support services to the U.S. Government. Kingfisher's core competency is technology-enabled services with a specific focus on national security. Since 2005, Kingfisher has established itself as a recognized and trusted partner whose mission is safeguarding sensitive information, operations, and programs for our Federal customers and U.S. warfighters.
Lead Computer Security Specialist III acts as the organization's lead in disseminating and ensuring the implementation of Information Assurance (IA) policy, guidance, and training requirements for the assigned Project Office. Ensures full implementation of the Information Assurance Vulnerability Management (IAVM) program, including dissemination, reporting, and compliance procedures. Performs risk analyses, which also include risk assessment. Ensures all Information Systems (IS) within the assigned Project Office are certified and accredited, as required by DoD and Army regulations and policy.
Responsibilities
- Consulting with the Government for security control implementation, assessment, and sustainment throughout the system life cycle, including timely and effective configuration and vulnerability management
- Ensuring that system security engineering is used to design, develop, implement, modify, test, and evaluate the system architecture in compliance with the cybersecurity component of the DoD Enterprise Architecture, and to make maximum use of enterprise cybersecurity
- Assisting in developing and maintaining an organizational or system-level cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures
- Monitoring compliance with cybersecurity policy, as appropriate, and reviewing the results of such monitoring
- Ensuring that cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations
- Ensuring implementation of IS security measures and procedures, including reporting incidents to the designated PdM WESS authorizing official (AO) and appropriate reporting chains, and assisting in coordinating system-level responses to unauthorized disclosures of classified information
- Acting as the primary cybersecurity technical consultant to the Government for applicable DoD IS and platform information technology (PIT) systems
- Ensuring that cybersecurity-related events or configuration changes that may impact PdM WESS IS and PIT systems authorization or security posture are formally reported to the PdM WESS
- Advising PdM WESS on the implementation and enforcement of all DoD IS and PIT system cybersecurity policies and procedures, as defined by cybersecurity-related documentation
- Consulting with PdM WESS on protective or corrective measures when a cybersecurity incident or vulnerability is discovered, and ensuring that a process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the IS Security Officer
- Providing support for IT and/or cybersecurity related programs and/or projects, to include examining the strategic direction for program initiatives and activities, personnel, infrastructure, policy enforcement, emergency planning, IT and/or cybersecurity awareness, and/or other resources
- Consulting with the Government to evaluate functional requirements; coordinating with systems architects, as needed, to provide oversight in the development of design solutions; and defining project scope and objectives based on customer requirements
- Researching and identifying available technologies and standards to meet customer requirements, and identifying functional and security-related features to find opportunities for new capability developments to exploit or mitigate cyberspace vulnerabilities
- Supporting the design and development of secure interface specifications between interconnected systems; designing, developing, integrating, and updating system security measures (including policies and requirements) that provide confidentiality, integrity, availability, authentication, and non-repudiation; and developing architectures or system components consistent with technical specifications
- Developing plans to safeguard IT system data against accidental or unauthorized modification, destruction, or disclosure, and to meet emergency data processing needs
- Reviewing violations of IS security procedures and protective measures; providing reports, as required; and making recommendations for appropriate corrective actions
- Coordinating implementation of computer security technical solutions and/or corrective actions with system stakeholders
- Performing research of IT security threat environments, technologies and solutions, and presenting consolidated analyses, with associated weaknesses and recommended actions and plans, for implementation to PdM WESS
- Supporting information security (INFOSEC), cyber security, and program protection plan requirements for satellite earth terminal systems and subsystems.
- Supporting the certification and accreditation of satellite earth terminal systems through the RMF
- Support the certification and accreditation of satellite earth terminal systems through the RMF or DIACAP, as required
- Facilitate working groups with PdM WESS/STS customers, stakeholders, and vendors to address cybersecurity concerns. The Contractor shall participate in the Cybersecurity WG; assist the WG in addressing PdM WESS system-related cybersecurity duties, responsibilities, and instructions; and make recommendations to the Government on compliance with cybersecurity regulations. The Contractor shall support Government cybersecurity activities and assist in performing the duties and responsibilities directed by the Cybersecurity WG and the applicable cybersecurity regulations, including Department of Defense Directive (DoDD) 8500.01, DoD 8570.01-M, DoDD 8500.1, DoD Instructions (DoDI) 8500.2, DoDI 8581.01, Army Regulation (AR) 380-5 and AR 25-2.
- Shall maintain a repository for all organizational or system-level cybersecurity-related documentation. The Contractor shall ensure that all DoD IS cybersecurity-related documentation is current and accessible to properly authorized individuals. The Contractor shall develop and submit required artifacts into the earth terminal technology acquisition strategies Enterprise Mission Assurance Support Service (EMASS) system to establish and maintain certification and accreditation of SATCOM systems.
Required Qualifications
- Must have system development life cycle experience in software development, source code development, hardware integration, software virtualization, system administrator, network infrastructure implementation, and base administration (developer/administrator).
- Experience in reviewing DoD, NIST and RMF IA certification and accreditation documentation, tracking system registration and FISMA within the Army Portfolio Management System, managing IA training compliance in the Army Training and Certification Tracking System (ATCTS), and tracking systems in the Army Certification and Accreditation Tracking Database.
- IAMs must be knowledgeable with all automated vulnerability scan tools such as Retina and Assured Compliance Assessment Solution and have a working knowledge of static source code tools such as Fortify and computer-aided software test.
- IAMs performing technical (IAT) functions will also be required to attain a technical level certification.
Required Certifications:
- IAT Level II (Security+ (Sec+) preferred) AND;
- Cisco Certified Networking Professional (CCNP) Enterprise OR;
- Cisco Certified Networking Professional (CCNP) Security
Years of Experience:
- Minimum of ten (10) years of cyber and Information Assurance (IA) security experience
Degree Requirement:
- Bachelor's Degree in IT, INFOSEC, cyber engineering, IA engineering, or other applicable cyber fields such as Computer Network Defense (CND) test and evaluation. The degree must be from a U.S. National Center of Academic Excellence in Information Assurance Education (CAEIAE) or regional equivalent, or the applicant must have five (5) years of DoD IS experience if the degree is not from a CAEIAE.
- https://www.cybersecurityeducationguides.org/dhs-and-nsa-cae-cd-designated-schools-by-state/
Minimum Clearance Requirement:
Travel
U.S. Citizenship:
Kingfisher Systems, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, national origin, age, protected veteran status, among other things, or status as a qualified individual with a disability.