Daily Responsibilities
- Document DISA Security Technical Implementation Guide (STIG) and Security Requirements Guide (SRG) compliance. Conduct Assured Compliance Assessment Solution (ACAS) and Security Content Automation Protocol (SCAP) scanning and assessments, and support DHA Authorization to Operate (ATO) standards.
- Update and document Site and Support Locations enclave artifacts in Enterprise Mission Assurance Support Service (eMASS).
- Assist the system owner and ISSM in various aspects of designing, developing, and writing certification and accreditation (C&A) documentation packages, including support of the ATO and its systems and/or environment, including but not limited to POA&M and other artifacts.
- Administer and support security reviews of all new or modified systems, devices, and configurations to ensure a consistent security posture.
- Administer all security related documentation and databases including System Security Authorization Agreements (SSAA), recording mitigation strategies, waivers, approvals, ports and protocol registration, and user rights tracking.
- Assist in the detailed investigation and documentation of security incidents as required.
- Support the Government’s directive to maintain and sustain all aspects of CAC login and PKI technology and/or other Government authorized or required two factor identification protocol or system.
- Utilize approved Government scanning tools and or Government provided security protocols, including forensics analysis and Intrusion Prevention System.
- Provide risk assessments and reviews for system and medical devices deployed and to be deployed on site.
- Participate in preparing for Command Cyber Readiness Inspections (CCRIs).
- Support changes required by IAVAs, Information Assurance Vulnerability Bulletins (IAVBs), and Cybersecurity Tasking Orders.
- Participate in remediation of findings, vulnerabilities, and troubleshooting of subsequent conflicts and problems.
- Manage tickets (incidents, cases, and requests) that have been initiated and/or assigned to the local site Cybersecurity office or assigned IA support resources.
- Contractor will obtain and maintain access and familiarity with enterprise tools required for support of RMF, vulnerability management, threat detection, event auditing, IT audits, data loss prevention, and incident response.
- Coordinate with system owners, administrators, and users to implement security requirements and maintain compliance throughout the system lifecycle.
- Follow National Institute of Standards and Technology (NIST) and/or Department of War IA Certification and Accreditation Process standards, and Department of War (DoW) security protocols.
- Conduct Cybersecurity threat monitoring, risk identification, incident mitigation, and administration IAW the DHA RMF Portal (https://info.health.mil/dadio/InfoSec/assessor/dharmf).
- The Contractor shall collaborate with the Government Information Assurance and Cyber team to provide updates to the local site RMF package for the information system. The RMF package shall include, at a minimum, the following documents and artifacts:
  - System Security Plan (SSP): A document that describes the security controls in place for the information system and how those controls are implemented, monitored, and assessed.
  - Security Assessment Report (SAR): A report that provides an assessment of the security controls in place for the information system and identifies any deficiencies or weaknesses.
  - Plan of Action and Milestones (POA&M): A document that outlines the actions required to address any deficiencies or weaknesses identified during the security assessment.
  - Security Authorization Package (SAP): A package of documents that includes the SSP, SAR, POA&M, and other relevant artifacts that are submitted to the Authorizing Official (AO) for review and approval.
  - Continuous Monitoring Plan (CMP): A plan that outlines the ongoing monitoring and assessment of the security controls in place for the information system.
- The contractor shall provide updates to the RMF package within eMASS and shall be reviewed and approved by the Government Task Manager prior to the deployment of the information system. The Contractor shall also provide the Government Task Manager with ongoing updates to the RMF package.
- Support Trusted Agents (TAs) requirements related to alternate token or elevated privileges to the network and systems.
- Support staff with technical assistance beyond that which the service desk staff can manage, such as higher-level knowledge and more time-consuming assistance.
- Review and process System Access requests IAW DHA network access requirements.
- Track and coordinate remediation efforts on system POA&Ms.
- Provide specialized technical expertise and consultative guidance within assigned subject area to support mission objectives.
- Serve as the Information System Security Officer (ISSO) for designated systems, ensuring compliance with DoW cybersecurity policies and Risk Management Framework (RMF) requirements.
- Develop, maintain, and enforce system security plans (SSPs), security controls, and associated documentation in accordance with DoW and DHA directives.
- Oversee system authorization and accreditation processes, coordinating with the Authorizing Official (AO) and security control assessors.
- Deliver technical briefings and status updates to stakeholders, including risk assessments and mitigation strategies.
- Perform activities in a lead role for cybersecurity support teams.
- Security Vulnerability Tracking Report (Deliverable 5): A monthly report that states the vulnerabilities for all systems and gives the status of each vulnerability for burndown to completion. This monthly report will include:
  - Status of burndown for all IAVM patches issued by USCYBERCOM and DHA.
  - Status of system security configuration deficiencies (IAW the DISA STIG), as documented in the POA&M for each of the systems maintained by the Service Provider.
- RMF Package (Deliverable 7): The Contractor shall submit an RMF package (Deliverable 7) for the information system to the Government. The RMF package is a set of documents and artifacts required to implement the RMF process for a specific information system. The RMF package shall include, at a minimum, the following documents and artifacts:
  - System Security Plan (SSP): A document that describes the security controls in place for the information system and how those controls are implemented, monitored, and assessed.
  - Security Assessment Report (SAR): A report that provides an assessment of the security controls in place for the information system and identifies any deficiencies or weaknesses.
  - POA&M: A document that outlines the actions required to address any deficiencies or weaknesses identified during the security assessment.
  - Security Authorization Package (SAP): A package of documents that includes the SSP, SAR, POA&M, and other relevant artifacts that are submitted to the Authorizing Official (AO) for review and approval.
  - Continuous Monitoring Plan (CMP): A plan that outlines the ongoing monitoring and assessment of the security controls in place for the information system.
- The RMF package shall be submitted in accordance with the requirements identified in Table 28 – Contract Deliverables, within eMASS, and shall be reviewed and approved by the Government prior to the deployment of the information system. The Contractor shall also provide the Government with ongoing updates to the RMF package as required by the Continuous Monitoring Plan.
- Other duties as assigned.