Job Title: Cybersecurity SME
Location: Pearl Harbor, HI
Eligibility: Candidate must have an active TS/SCI clearance
Job Description:
Place of Performance
The primary place of performance is HQ PACAF (Bldg. 1102 Rm H210, JBPHH,
Hawaii 96853). The Contractor shall have access to the Government facility
five days per week, Monday through Friday, eight hours a day, except
when the Government facility is closed due to local or national
emergencies, administrative closings, or similar Government directed
facility closings, unless otherwise approved.
Clearance
The personnel assigned to the Cybersecurity SMEs and Theater
Vulnerability Manager positions are required to have and maintain
building access to the PACAF HQ building in addition to a TS/SCI
security clearance. See Department of Defense Form 254, Contract
Security Classification Specification, for security guidance and
additional security requirements.
The work to be performed under this contract is up to Top Secret level
for Cybersecurity SMEs and Theater Vulnerability Manager positions. The
work will require Sensitive Compartmented Information (SCI) access
eligibility for the Cybersecurity SMEs and Theater Vulnerability
Manager.
Cybersecurity SME
The number of Cybersecurity SME positions and their locations are as follows.
Item # Position Location Positions
Cybersecurity SME Requirements are as follows:
Item # Position Requirements
General Position Requirements
Top Secret (TS) / Sensitive Compartmented Information (SCI) security
clearance
DoD 8140, the DoD Cyber Workforce Manual. Any one (1) of the following:
☐ Advanced - CISM or CISSO or CPTE or CySA+ or FITSP-A or GCSA or CISA or CISSP or CISSP-ISSEP or GSLC or GSNA
or DoD 8570.1-M certified at Information Assurance Technical (IAT) Level 3. Any one (1) of the following:
☐ CompTIA Advanced Security Practitioner Continuing Education (CASP+ CE)
☐ Certified Information Systems Auditor (CISA)
☐ Certified Information Systems Security Professional (CISSP) (or Associate - this means the individual has qualified for the certification except for the number of years' experience)
☐ Certified Cloud Security Professional (CCSP)
Have 2-3 years of experience and the skills required to execute Federal,
National, DoD, USAF CIO, and US State Department Requirements to be able
to assess cyber risk, identify mission sets, and defend the mission.
Have 2-3 years of experience of applying, assessing, and advising MAJCOM
staff and Wings on cybersecurity requirements.
Understand the AF Cyber architecture and the roles of PACAF MOBs and GSUs.
Ability to travel to PACAF MOBs and GSUs to conduct duties and
responsibilities, up to a maximum of 40% of the time.
Proficiency in Microsoft Office Suite products and SharePoint
collaborative tools.
Training highly preferred prior to starting; however, must have the
ability to obtain within 3 days of starting and maintain certificates of
completion for the following training:
☐ Level 1 Anti-Terrorist Training - within the past year
https://jkodirect.jten.mil/html/COI.xhtml?course_prefix=JS&course_number=-US007
☐ Level A Survival, Evasion, Resistance, and Escape (SERE) Training - within the past 1-2 years
https://jkodirect.jten.mil/html/COI.xhtml?course_prefix=J3T&course_number=A-US1329
☐ USFK Training - no time requirement (only required to be taken once)
https://jkodirect.jten.mil/html/COI.xhtml?course_prefix=USFK&course_number=-US171
☐ DoD Cyber Awareness Challenge - within the past year
https://jkodirect.jten.mil/html/COI.xhtml?course_prefix=DOD&course_number=-US1364-23
☐ Operations Security (OPSEC) Awareness - within the past year
https://jkodirect.jten.mil/html/COI.xhtml?course_prefix=PAC&course_number=-US017
☐ Derivative Classification IF103.16 - within the past year
https://www.cdse.edu/Training/eLearning/IF103
☐ Force Protection - within the past year
https://lms-jets.cce.af.mil/moodle/enrol/index.php?id=12739
The COR will provide updated website addresses for any of the above that may change.
RMF/FISMA/ATO Requirements
Have 2-3 years of experience conducting RMF/FISMA/ATO A&A.
Have 2-3 years of experience maintaining accreditation at a level
consistent with AF, DoD and FISMA requirements for all base enclaves and
providing situational awareness of assigned systems at MOBs and GSUs.
Have 2-3 years of experience with DISA Connection Approval Process
vehicles (e.g., SNAP, SGS, GIAP, and CDS-approval).
Expertise with FISMA compliance vehicle – AF centralized repository for
FISMA reporting is ITIPS.
Expertise with AF System A&A process vehicles (e.g., eMASS, AF PPSM, AF
Software Approval) to produce ATO, ATC, Interim Authority to Connect
(IATC).
CRR-M Requirements
Have 2-3 years of experience conducting assessments of
SIPRNet/NIPRNet network, enclave, and system security posture, providing
guidance, mitigation recommendations and familiarization to personnel on
cybersecurity, including preparing and advising personnel before, during,
and after inspections.
In-depth experience with DISA STIGs and by-product analysis.
CORA & CCORI Support Requirements
-3 years of experience of conducting CORA & CCORI inspections.
Expertise with CORA process vehicles.
Expertise with CCORI process vehicles (e.g., MADSS, ELICSAR, etc.)
Expertise with USCYBERCOM/DISA CORA Scoring Tools (option to utilize the
AF “Cyber Ready 365”).
Cybersecurity SME skills, knowledge, and abilities are as follows:
Item # Skill, Knowledge, or Ability
Ability to deliver on-site and remote Cybersecurity, RMF, and FISMA
support to mission owners through the distribution of current policies
and providing guidance and mentorship to the cyber forces.
Knowledge of congressional FISMA, DoD, and AF cybersecurity directives.
In-depth experience conducting (on-site and/or virtual) A&A validation,
reviews and mentorship pursuant to National/DoD/AF standards (e.g., DISA
STIGs, NIST SP 800-12, NIST SP 800-53, AFI 17-101, CRR-M).
In-depth experience collecting and developing A&A artifacts.
Ability to maintain and sustain A&A packages, including
tracking/updating A&A documents/products in the following databases:
☐ CAP for SNAP
☐ GIAP circuit management tools
☐ eMASS and ITIPS
☐ CMRS efforts
Proficiency in creating and maintaining RMF products for the theater
circuits/enclaves via eMASS.
Experience in creating, consulting, revising, finalizing, submitting RMF
deliverables.
Ability to provide updates through the AF central FISMA database
repository, ITIPS.
In-depth experience ensuring A&A data is synchronized across AF and DISA
repositories.
Knowledge of processing circuit connection requests through SGS and
SNAP.
Experience in mentoring cyber workforce personnel to excel in
implementing and sustaining security best practices and cyber-readiness,
leveraging CORA methodology within the PACAF-specific Cyber-Readiness
Maturity Model (CRR-M).
Knowledge of how to resolve issues with DoD vulnerability scanning
tools, including system credentials, access control list, and identified
network assets.
Knowledge of how to resolve issues with DoD required endpoint security
solutions for all host devices in the network enclaves.
In-depth experience preparing Wings for CORAs & CCORIs on NIPRNet,
SIPRNet and supported information systems.
In-depth experience with CORA and CCORI scores and Risk Assessment
Report for the MOBs & GSUs using DISA CORA Scoring and Risk Assessment
tools.
Ability to provide recommendations for mitigations & follow-on actions
to include POAMs.
Experience with email and other communication platforms, including but
not limited to MS Teams group chats, MS SharePoint site, and VoIP
phones.
Proficiency with the latest Microsoft tool suite (i.e., PowerPoint,
Excel, Word, etc.).
Ability to collaborate with others.
Ability to brief technical information to both technical and
non-technical audiences.
Experience briefing senior leaders and large audiences.