Job Title: Cybersecurity Specialist Lead

Location: USFF Norfolk, Virginia at a Government facility/site (100% on-site)

Clearance: Secret

Program: USFF

PROGRAM DESCRIPTION: This role will be supporting the U.S. Fleet Forces Command (USFF) Headquarters (HQ) at USFF Norfolk, Virginia at a Government facility/site. As a member of their USFF Communications and Information Systems Division (N6) Support Team, you will significantly contribute to Navy Fleet Readiness and Homeland Security. The team is involved in information technology (IT) support tasks including but are not limited to Program Management support, Network Engineering support, Maritime Operations Center/Tactical Systems support, Video Teleconferencing and Audio/Visual support, Portal Management and Application Development support, Staff IT Business Process/IT Services support, Satellite Communications Planning support, Information Assurance (IA)/Certification and Accreditation support, Database Administration support, Communications Security/EKMS support, and general IT support, as well as maintenance, updating and enhancement of developed application/software.

Job Responsibilities:

The Cybersecurity Specialist Lead shall provide Certification & Accreditation (C&A) support for all USFF HQ systems. The Cybersecurity Specialist Lead shall support the revision of the entire end-to-end C&A process. The Cybersecurity Specialist Lead shall provide overarching expertise for the C&A process. The Cybersecurity Specialist Lead shall ensure the necessary planning, outreach, execution, and dissemination of lessons learned/after action reports. The Cybersecurity Specialist Lead shall engage pertinent stakeholders and cross-functional events support Subject Matter Experts as required to provide an overall framework for managing and coordinating necessary communications that directly, or indirectly, influence objectives and tasks. The Cybersecurity Specialist Lead shall provide support for all post Cyber Security Inspection (CSI) data/information resulting from a CSI conducted as USFF or a subordinate command(s). This effort will highlight and track significant physical, policy and or network security issues, improving network security and awareness on Naval networks worldwide.
• Review Assessment and Authorization (A&A) package submissions to ensure system/network architectures and technical /non-technical operating features adequately protect and defend against unauthorized access, ensure systems availability, and meet DOD/Navy Cybersecurity implementation policy requirements and data protection safeguards.
• Conduct Cybersecurity compliance and A&A documentation validation assessments for applications, systems and networks.
• Develop, or expand existing, A&A and Cybersecurity documentation to ensure complete documentation exists in accordance with DOD A&A and Cybersecurity policy.
• Perform Certification Authority (CA) risk assessments to evaluate systems risks and provide written risk assessment reports including overall risk analysis reviews and recommendations.
• Respond to feedback in the form of comments and instructions to ensure coordination of efforts, to correct errors, information omissions and shortfalls in A&A documentation packages.
• Communicate feedback to government lead, coordinate corrections, collect responses and validate prior to forward for processing.
• Develop procedures to support A&A workflow processes, criteria needed to facilitate processes and accreditation decision milestones
• Attend meetings, take notes and prepare written feedback on the content and outcome of meetings, and follow-on tasks including recommendations and suggestions.
• Assist in developing point papers, naval messages, presentations, briefings and other forms of written documentation on an as needed basis to support A&A and Cybersecurity functions.
• Develop Standard Operating Procedures (SOPs), checklists, workflow process charts, forms, POC lists, and other documentation needed to support A&A processes and related Cybersecurity functions.
• Compile and analyze data and develop a monthly Dashboard for USFF leadership review for A&A and Cybersecurity readiness and compliance.
• Conduct analysis of trends in A&A and Cybersecurity findings/results.
• Provide support for all post CSI issues to include inspection finding adjudication in VMS, assessing statistical data/metrics of post inspection adjudication status, and STIG review and interpretations
• Develop POAMs and risk assessments.

Job Requirements:
• Bachelor's degree in Cybersecurity field and no experience, or AA/AS in related field and 2 years of related experience.
• IAT II certification (typically CompTIA Sec+)
• At least 5 years of experience. In lieu of formal education, 7 years of experience specifically related to the qualification requirements.
• Demonstrated knowledge and experience of Cybersecurity / INFOSEC concepts and requirements.
• Knowledge of the DOD A&A process and standards
• System / network vulnerability analysis
• Risk assessment and risk mitigation analysis
• Security Test and Evaluation (ST&E)
• Contingency planning
• Firewall Policy
• IP Network Ports & Protocols
• DoD Risk Management Framework (RMF)
• Knowledge and experience of the Defense Information Systems Agency published STIG requirements and implementation/compliance process.
• Knowledge of virtualization, networking, Windows and Linux Operating Systems, and storage and backup.
• Process Strong oral and technical writing skills.