Kina'ole Foundation
Information Systems Security Engineer (ISSE) - GPSI
Kina'ole Foundation, Simi Valley, California, United States
Information Systems Security Engineer (ISSE) - GPSI
GPSI Guam is a Professional Technical Services Company, headquartered in Hagatna, Guam. We are a SBC Native 8(a) and HUBZone certified, Small Disadvantaged Business providing Program/Project management, administration, management, technical support, general contracting, logistics, commodities, and training resources. GPSI is a wholly-owned subsidiary of the Kina'ole Foundation, a 501(c)(3) non-profit established to benefit Native Hawaiian communities. GPSI offers a competitive salary and comprehensive benefits package that includes: Health insurance Life insurance 401K Disability insurance Duties and Responsibilities: Work with the Regional Information Systems Security Manager (ISSM), Information Systems Security Officers (ISSOs), and other J6 CIO staff in the creation, completion, and maintenance of various security-related documents such as the Assess and Authorization packages. Perform vulnerability scans on all systems and network devices to ensure compliance with Information Assurance Vulnerability Alerts and Bulletins (IAVA/B) and other security-related tasking as required by current Government directives. Manage account and data functions ensuring proper clearances for users; maintain information ownership responsibilities for each information system including accountability, access approvals, and special handling requirements. Monitor and maintain user training certificates (Cyber Awareness and Cybersecurity Workforce training requirements). Ensure physical space requirements for Restricted Access Areas (RAA), Controlled Access Areas (CAA), and Open Storage Secret spaces meet mandated classification requirements. Develop and implement Configuration Management (CM) control policies for authorizing software and hardware use. Monitor changes to ensure security is not adversely impacted. Oversee, monitor, and conduct System Security evaluations, audits, and reviews; coordinate Command Information Assurance Vulnerability Management (IAVM) and Computer Task Order (CTO) Programs. Inspect and certify physical space requirements for Restricted Access Areas (RAA) and Controlled Access Areas (CAA) ensuring compliance with classification requirements. Provide Information Security (INFOSEC) training management and support; manage Vulnerability Remediation Asset Manager (VRAM) and Assured Compliance Assessment Solution scanning. Conduct Risk Management Framework (RMF) steps 1-4 assessment and implementation based on data collection, analysis, and reporting in accordance with security technology and Government policy methods. Analyze assessments and implement risk-based decisions to certify security controls and countermeasures across systems and programs. Provide support for JRM systems cybersecurity assessment and analysis, generating scorecards, inventories, and other artifacts as required. Perform ACAS, STIG, and SRG compliance scans on systems when authorized. Investigate rogue devices on the network. Maintain logs tracking facility systems status, POA&M execution, and other pertinent information related to securing the systems tracked. Maintain JRM systems' accreditation status through implementation of RMF Step 6 Continuous Monitoring phase. The contractor must have experience in utilizing Enterprise Mission Assurance Support Service (eMASS), VRAM, or similar systems repositories for IA purposes. Other duties as assigned by Supervisor. Qualifications: Minimum Baseline Certifications: CompTIA Advanced Security Practitioner Minimum Operating System Certification: Microsoft OS or VMware GPSI is an equal opportunity employer and values diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
#J-18808-Ljbffr
GPSI Guam is a Professional Technical Services Company, headquartered in Hagatna, Guam. We are a SBC Native 8(a) and HUBZone certified, Small Disadvantaged Business providing Program/Project management, administration, management, technical support, general contracting, logistics, commodities, and training resources. GPSI is a wholly-owned subsidiary of the Kina'ole Foundation, a 501(c)(3) non-profit established to benefit Native Hawaiian communities. GPSI offers a competitive salary and comprehensive benefits package that includes: Health insurance Life insurance 401K Disability insurance Duties and Responsibilities: Work with the Regional Information Systems Security Manager (ISSM), Information Systems Security Officers (ISSOs), and other J6 CIO staff in the creation, completion, and maintenance of various security-related documents such as the Assess and Authorization packages. Perform vulnerability scans on all systems and network devices to ensure compliance with Information Assurance Vulnerability Alerts and Bulletins (IAVA/B) and other security-related tasking as required by current Government directives. Manage account and data functions ensuring proper clearances for users; maintain information ownership responsibilities for each information system including accountability, access approvals, and special handling requirements. Monitor and maintain user training certificates (Cyber Awareness and Cybersecurity Workforce training requirements). Ensure physical space requirements for Restricted Access Areas (RAA), Controlled Access Areas (CAA), and Open Storage Secret spaces meet mandated classification requirements. Develop and implement Configuration Management (CM) control policies for authorizing software and hardware use. Monitor changes to ensure security is not adversely impacted. Oversee, monitor, and conduct System Security evaluations, audits, and reviews; coordinate Command Information Assurance Vulnerability Management (IAVM) and Computer Task Order (CTO) Programs. Inspect and certify physical space requirements for Restricted Access Areas (RAA) and Controlled Access Areas (CAA) ensuring compliance with classification requirements. Provide Information Security (INFOSEC) training management and support; manage Vulnerability Remediation Asset Manager (VRAM) and Assured Compliance Assessment Solution scanning. Conduct Risk Management Framework (RMF) steps 1-4 assessment and implementation based on data collection, analysis, and reporting in accordance with security technology and Government policy methods. Analyze assessments and implement risk-based decisions to certify security controls and countermeasures across systems and programs. Provide support for JRM systems cybersecurity assessment and analysis, generating scorecards, inventories, and other artifacts as required. Perform ACAS, STIG, and SRG compliance scans on systems when authorized. Investigate rogue devices on the network. Maintain logs tracking facility systems status, POA&M execution, and other pertinent information related to securing the systems tracked. Maintain JRM systems' accreditation status through implementation of RMF Step 6 Continuous Monitoring phase. The contractor must have experience in utilizing Enterprise Mission Assurance Support Service (eMASS), VRAM, or similar systems repositories for IA purposes. Other duties as assigned by Supervisor. Qualifications: Minimum Baseline Certifications: CompTIA Advanced Security Practitioner Minimum Operating System Certification: Microsoft OS or VMware GPSI is an equal opportunity employer and values diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
#J-18808-Ljbffr