1. Works with and assist the SOC and IA staff with general daily security activities such as (but not limited to):
a. Oversight of service requests ensuring teams are performing to standard
b. Supporting the CNDSP for forensics information and incident handling
c. Monitoring of overall security posture of the Enterprise, understanding how security event impacts
d. Oversight of incident response, ensuring responses are accurate and addressing the concern per standards
e. Overall security assessments, reporting requirements, making sure teams are meeting service level requirements (SLR) associated with information security on the enterprise
2. Supports the IA staff with policy and compliance doctrine, contribute to and maintain security standards documentation on the program that are aligned with ACE-IT directives and goals.
3. Routinely reviews and suggest updates for security controls through recommendations of new policies, procedures and technical solutions designed to enhance overall enterprise security.
- Prepares, schedules, and project manages annual SOC audits
- Create and conduct independent internal audits on an ongoing basis to ensure compliance of company policies and procedures
- Works directly with support departments to implement procedures and systems for the protection, conservation and accountability of proprietary data, including collaboration with training groups to ensure proper Security Awareness Training has been implemented on a mandatory annualized basis, including development and oversight of internal audits to ensure organizational compliance
7. Documents and reports incidents from initial detection through final resolution using standard DoD incident reporting channels and methods (refer to CJCSM 6510.01B “Cyber Incident Handling Program” dated 10 July 2012 or later). Briefs incident details as necessary to ACE-IT Senior leadership, up to and including the Director, and determine all means by which to resolve any incidents as quickly and effectively as possible.
8. Responsible for management oversight of testing of IA policies and security controls to level of risks associated with said policies and then is responsible for modifying and keeping those policies updated with the aid and support of the SOC and IA teams.
9. Coordinates with USACE Cyber Security Team on all security related items as required, including risk assessments as well as design and implementation of breach or high-risk resolution solutions.
10. Monitors open source feeds and reporting on the latest threats against computer network defenses. And, demonstrates clear capabilities of learning the interface, customization, language acceptance, and logic of new CND related tools as ACE-IT acquires them.
11. Key responsibility is to ensure all appropriate security safeguards, policies, procedures are designed and deployed to meet ACE-IT and program standards.
12. Provides technical expertise regarding the defense of government information systems and networks.
13. Manages the monitoring of intrusion detection and security information management systems to discover and mitigate malicious activity on enterprise networks.
14. Ensures CNDSP staff follow computer incident handling procedures to isolate and investigate potential network information system compromises.
15. Oversees performance of malware and/or forensic analysis as part of the incident management process.
16. Supports the design and integration of custom rules and reports into proper security tools and data collection architectures.
17. Evaluates reports that identify risks to computer systems and make written and verbal remediation recommendations to senior program staff as well as ACE-IT leadership.
18. Ensures timely and appropriate team response to General Service Incidents: Service and infrastructure related incidents (loss of service, poor performance, and service anomalies) IAW contract and DoD standards.
19. Maintains response oversight for Electronic Spillage incidents where classified, Personal Identifiable Information (PII), Controlled Unclassified Information (CUI), or Networks of Interest (NOI) information is introduced on an IT system or network that it is not authorized to hold or process such data.
20. Ensures response to unauthorized disclosure: any incident where information, data, or files have been made available to a person or persons who do not have authorized access.
21. Responds to requirements associated with Information Operations Conditions (INFOCON) and higher HQ direction.
22. Supports Investigation activities associated with complex incidents requiring more in depth data collection for command or law enforcement issues.
23. Supports Security Incident Response to include: Perimeter Configuration Incidents, Security Events to address actual or potential CND events or identified threats; End user level intrusion or rouge systems; vulnerability identification and mitigation; and Mission Assurance Incidents impacting IT systems or networks.
24. Coordinates with CNDSPs to develop incident response and reporting and policy updates as needed IAW ACE-IT CIRT.
25. Manages and work in close coordination with the Information Assurance team and SOC to appropriately resolve daily incidents.
26. Ensures new employees are oriented to the Security organization and responsibilities to the customer.
27. Periodically reviews training requirements for personnel and ensure they are maintaining DoD requirements for their positions.
28. Acts as POC for all Company ACE-IT Cyber Security decisions as approved by or in collaboration with DoD, Army, ACE for ACE-IT Program by Program Manager.
29. Provides supervisory guidance to Cyber Security staff regarding all matters relating to Computer Network Defense and Information Assurance (to include: protocol changes/updates, training, certification enhancements, etc.), acts as lead in staffing and hiring determinations related to the Cyber team in relationship to meeting customer service expectations and conducts annual performance evaluations, conducts promotional as well as disciplinary activities as necessary to maintain a functionally successful team.
30. Ensures that staff follow customer, DoD, Army, Company policies and procedures.