BlueWater Federal is looking for a CyberSecurity Specialist to support the US Army Reserve Command (USARC) at Ft. Bragg and join our dynamic CyberSecurity Team. This team developed and operated the Army Reserve Network (ARNet). The ARNet is an unclassified network of over 65,000 work stations and over 4000 servers and network devices supporting approximately 205,000 total Army Reserve personnel to include military, civilian, and contractors. The USARC has over 138 systems and applications currently hosted and utilized on the ARNet. The contractor shall provide cybersecurity services to enable and ensure USARC CIO/G-6 Cybersecurity Branch and Cybersecurity Program Management Division maintain 95% or higher Federal Information Security Management Act (FISMA) Compliance and Authority to Operate on the Department of Defense Information Network (DoDIN).
Provide comprehensive USARC CIO/G-6 Cybersecurity Branch support and services to classified and unclassified networks in accordance with (IAW) U.S. Army Regulation 25-1, AR 25-2, applicable DoD, Defense Information Services Agency (DISA), Network Enterprise Technology Command (NETCOM), and Army Cyber Command (ARCYBER) guidance daily and based on current cyber threats directed by the COR Additionally, contractor shall analyze Cybersecurity requirements, develop and implement recommended solutions, and operate and maintain legacy systems and equipment.
Provide Cybersecurity support services and solutions necessary to satisfy the USARC CIO/G-6 LOE using Best Business Practices (BBP).
Provide comprehensive Cybersecurity Program Management support. The desired effect is to provide cybersecurity program support to the USARC CIO/G-6, Cybersecurity Program Management Division and with all headquarters division staff element.
Provide service support to all USAR networks with full spectrum Cybersecurity processes to ensure the defense and protection of all government and DoD information systems.
Apply security policies to applications that interface with one another, such as Business-to-Business applications to meet security objectives of the system
Apply service-oriented security architecture principles to meet organization's CIA requirements
Develop and test system fail-over and system operations transfer to an alternate site based on system availability requirements and discover organizational trends with regard to the security posture of systems.
Ensure all systems security operations and mainte-nance activities are properly documented and updated.
Establish adequate access controls based on principles of least privilege and need-to-know.
Conduct exercise of the system disaster recovery and continuity of operations plans and ensure Recovery and Continuity plans are executable in the system opera-tional environment.
Mitigate/correct security deficiencies identified during security/certification testing, or identify risk acceptance for the appropriate senior leader or authorized representative.
Provide input to the RMF process activities and related documentation (e.g., system lifecycle support plans, concept of operations, operational procedures, and maintenance training materials). Contractor shall verify and update se-curity documentation reflecting the application/system security design features.
Draft, review, edit, update, analyze, and make recommends for regulations, policies, orders, SOP’s, TTP’s, doctrine, directives, instructions, guidance, and POA&M’s for all USAR networks.
Annually review, edit, update, analyze, and recommend regulations, policies, orders, doctrine, directives, in-structions, guidance for review boards for automation and network security for all USAR networks
Draft, review, edit, update, analyze, and make recommendations for regulations, policies, orders, doctrine, directives, instructions, guidance for tasks that require specific procedures; propose and report security metrics and milestones for all USAR networks.
Monitor, identifies, and assesses network and system vulnerabilities, requirements, and deficiencies on unclas-sified and classified networks and report findings for all USAR networks.
Draft, review, and maintain required DoD Cybersecurity Risk Management Framework documentation and artifacts on a Government-provided system (to include eMASS or SharePoint) to ensure full compliance with cur-rent DoD 8500.1, 8500.2 , AR 25-2, and NIST as well as superseding policies and regulations to obtain certification and accreditation for all USAR networks.
Develop and coordinate an accreditation process for RMF for all USAR networks.
Maintain a current RMF repository of all documents required by the Agent of the Army Certification Authori-ty (ACA) or other organizations for all USAR networks.
Develop and provide security guidance documentation and System Security Plan (SSP) for RMF for all USAR networks and information systems for review by the COR at least quarterly.
Plan and recommend modifications or adjustments based on exercise results or system environment. Properly document and update all systems security implementation, operations, and maintenance activities.
Document Cybersecurity/Computer Network Defense/Cyber Defense requirements for all USAR networks and information systems review quarterly and provide annual assessments.
Bachelors Degree and 5-9 Years of Experience
DoD 8570 IAT II or IAM II Certification (CCNA Security, CSA+, GICSP, GSEC, Security+ CE, SSCP, CAP, CASP CE, CISM, CISSP, or GSLC plus CompTIA Security + or equivalent)