Launch Cyber Specialist
- Military veterans preferred
2021-07-20 SAIC (www.saic.com)
El Segundo California 90245 United States
Duties and responsibilities:
SAIC is currently looking for Cyber Analysts to support launch system SE&I activities for the Launch Enterprise Directorate (ECL) at SMC. This position is located at Los Angeles AFB, CA. Key aspects of this oversight will include the following:
Support the Cybersecurity program, providing assessments of contractor cyber implementations and providing status and recommendations to customers
Job Specific Responsibilities:
Systems Security and Program Protection
Provide Systems Security Engineering (SSE) expertise to assist the Government in all aspects of Program Protection Planning (PPP) including but not limited to an in-depth lifecycle program analysis to identify Critical Program Information (CPI), conduct threat and vulnerability assessments, identification and implementation of countermeasures, Anti-Tamper analysis and protection; counterintelligence, intelligence, and security assessments and support, Risk Management Framework (RMF) for Information Technology (IT) and cybersecurity strategies.
Develop, review and update the NSSL Program Protection Plan (PPP) and develop, review and update LSP annexes as required. Review and update the NSSL Counterintelligence Support Plan (CISP), Anti-Tamper plan, the Operations Security Plan (OPSEC) and Security Classification Guide (SCG) as needed, IAW DoDI 5000.02, DoDI 5200.39, DoDI 5200.1-M, and AFI 31-401.
Support SMC/ECL industrial security activities including reviewing PWS/SOWs, creating, reviewing/modifying DD-254s in PDF and NCCS program, tracking and reporting status on DD-254s, compliance reviews on contacts and maintain security files for all contracts requiring DD-254s for the life the contract, validating contractor cage codes in NISS, processing sponsorship for contractor facility clearances requests, contractor SCI nomination processing, interfacing with DCSA, SMC PMs, PCOs and CORS, FSOs, CSSOs, INS SSOs, COMSEC Mangers, NRO, GSSOs.
Support SMC/ECL information security activities including creating, editing and maintaining access rosters, appointment letters, create courier briefings and courier letters, continuity binders for all security processes, maintain security containers with proper accounting documentation, provide inventory listings and conduct security container inspections. Provide training for security container users on the proper handling of material being safeguarding, marking, storing, and proper destruction. Facilitate an annual clean-out day to minimize the amount of classified material being stored.
Conduct launch system security readiness reviews and submit to SMC/ECL Security for approvals prior to each launch.
Evaluate and provide technical analysis of Launch Service Providers (LSP's) Program Protection Implementation Plans (PPIPs) and assess the plan’s effectiveness. Conduct Program Protection Surveys to evaluate and validate protection methodologies identified in LSP’s PPIP with a focus on threat and countermeasure issues and recommendations for strengths and weaknesses. Produce a lessons learned document describing the effective or ineffective use of the program’s established countermeasures to known or suspected vulnerabilities and the identification of unrecognized vulnerabilities.
Evaluate LSP’s proposed security waivers and deviations, and perform security assessments IAW the applicable system contract, acquisition plan, SCG, and the PPP.
Review program documentation for public release and ensure only Distribution A information is recommended for public release IAW the NSSL PPP, and SCG. Validate the information is not listed in the U.S. Munitions list, International Traffic in Arms Regulations (ITAR) or Commerce Control List (CCL).
Develop and present all materials associated with the Quarterly NSSL System Security Working Group (SSWG) to include agenda topics, briefing charts, maps, meeting minutes, action items, visit requests and conference facilities as needed for classified and/or unclassified discussions and presentations.
Develop, store and manage applicable security documentation in the ECL Security Library on Livelink/SharePoint IAW the ELC file plan, AFMAN 37-104, AFMAN 37-123, and AFI 37-138.
Evaluate and update the SMC/ECL Security Operating Instruction (SOI) annually.
Evaluate ECL’s internal security documentation and provide recommendations to support systems security and cybersecurity self-inspections, AF-level Inspections, to include the Air Force Inspector General, Headquarters Air Force Space Command Inspector General, Air Force Audit Agency Inspections, and Space and Missile Systems Center Integrated Program Reviews annually. Support the SMC/ECL Management Internal Control Toolset inspection process conducted semi-annually for all security checklists.
Support SMC/ECL personnel security activities including clearance verifications, visit requests, access badging, system access forms, area access forms, entry access lists, etc. via Defense Information Security System (DISS). Support the security clearance request process, assisting with notification of clearance update requirements, and review of submitted request packages for release to the investigative agency. Support the Government in the management of the SCI billeting process for Government and Contractor personnel.
Support physical security including changing of door and safe combinations and end of day security checks as required. Maintain the SIPRNET user justifications, training records and provide training to those requiring access. The training shall detail proper usage of the SF-700, SF-701, SF-702 Forms and security requirements for the SIPRNET and SIPRNET room. Additionally, maintain and submit the access roster for the SIPRNET room to the Government.
Support Random Antiterrorism Measures (RAM) activities as identified in the monthly RAM schedule and conduct end of day security checks as required.
Support COMSEC/SVRO as required.
Support security training, i.e. develop annual security briefing, in-processing/out-processing security briefings, Insider Threat Training, INFOSEC security requirements, and other security training and education requirements as required.
Provide export/import support to all organizations within ECL. Interprets USG regulations including the Arms Export Control Act, the International Traffic in Arms Regulations (ITAR), Export Administration Act (EAA), Export Administration Regulations, Anti-boycott Regulations, Office of Defense Trade Controls and U.S. Customs Service agencies. Provide comprehensive strategic export/import advice and support to the organization, initiating strategies, programs, processes and tools to meet strategic and critical challenges. Act as liaison between departments/divisions, levels of management, and LSP’s to produce export/import services that meet SMC/ECL needs. Provide NSSL and New-Entrant export control support through review of material and provide export and ITAR technical advice on SMC publications, Freedom of Information Act requests and Technical Assistance Agreements.
Mission Systems Cybersecurity Assessment and Authorization
Develop, evaluate and update SMC/ECL launch program’s systems Assessment and Authorization (A&A) artifacts for implementation of the Risk Management Framework (RMF) for DoD Information Technology (IT), DoDI 8510.01.
Register SMC/ECL Launch support systems in the Enterprise Mission Assurance Support Service, as appropriate, in compliance with the Federal Information Security Management Act (FISMA) and conduct status reviews as required to validate currency and accuracy.
Review current and evolving cybersecurity and space systems policies, programs, procedures and reports for initial and follow-on system releases, including new and evolving cybersecurity requirements. Provide a written report of impact analysis with recommendations for changes/revisions.
Work with the Intelligence Community (IC) to identify, assess and make recommendations on approaches to prevent and mitigate threats to the NSSL system. Assist in the analysis of IC products to determine most suitable applications to the NSSL program.
Provide guidance, assessment, and oversight to SMC/ECL launch program’s implementation of ISO/IEC 27000, Information Security Management Systems (ISMS).
Evaluate and provide technical analysis of LSP’s implementation artifacts for Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012 (Safeguarding Covered Defense Information and Cyber Incident Reporting) that requires Contractors to implement the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 (Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations).
Ensure the Security and Cybersecurity requirements associated with any New Entrants are being met. This activity includes but is not limited to the evaluation of a New Entrants Security Plan. Deliver associated documentation, as directed by the Government. Enter observations, evaluation, analysis, and recommended assessments in the report formats requested by the Government. If audits are required or otherwise directed, draft and execute the audit plans.
Required Qualifications & Experience
Bachelor’s Degree in computer science or Bachelor Degree in STEM field
Minimum 14 years as software engineer, programmer, software developer or other related area
Clearance level: DoD Secret; TS/SCI desired
Participated with senior managers to establish plans and objectives
Ability to recommend/make decisions on administrative or project work matters and ensures effective achievement of program, project, or organizational objectives
Security+ and CISSP Certification
Desired Qualifications and Experience
Work proficiently on unusually complex technical problems and provide solutions which are highly innovative and ingenious