Support the NASIC Cybersecurity branch with policy, process, and procedural documentation and training.
IAM Level I certification (CAP, GSLC, Security +CE)
Evaluate, conduct process-improvement analysis on, propose improvement strategies for, and implement streamlined processes for all Cybersecurity branch functions: Assessment & Authorization (A&A), defensive cybersecurity functions, and Telecommunications Electronics Material Protected from Emanating Spurious Transmissions (TEMPEST). Appraise policies and requirements governing these processes and ensure compliant repeatable processes are developed, documented, and implemented.
Review, create, and update documentation, such as Standard Operating Procedures (SOPs) for both new and existing processes. In addition, provide training on these processes and make sure documentation is available on Branch SharePoint site.
Support NASIC Information System Security Managers (ISSMs) and Information System Security Officers (ISSOs), assisting in the development, documentation, and communication of local Cybersecurity policy, processes, and procedures.
Provide local training for ISSMs, ISSOs, System Administrators, and Program Managers detailing their role and responsibilities related to Cybersecurity processes.
Aid in the tracking and reporting of system authorization project status for systems within the Center.
Identify and track unmitigated vulnerabilities, exceptions to policy, and Plans of Action and Milestones (POA&Ms), and notify SCXS POC
Update and maintain Cybersecurity Standard Operating Procedures. Restructure, redesign, and reorganize the Cybersecurity SharePoint site such that resources, guidance, and training are logically organized and readily accessible to all Cybersecurity customers.
Provide monthly functional area reports summarizing work accomplished, work planned in next month and important issues occurring during the month. Report shall include system and PoA&M status (if applicable) and trend data (CDRL A001).