Information Security Eng 3

Members of this Service Area provide technical expertise to manage RMF Authority to Operate (ATO) packages and support Cybersecurity functions. Review and implement applicable assessment and authorization (A&A) documentation in compliance with DoD Cybersecurity policy and agency guidance, including DoD 8500 series, CNSS 1253, and NIST special publications. Provide A&A and Cybersecurity support, including RMF for DoD IT, assessing compliance with STIGs, reviewing automated scans, security test and evaluation (ST&E), vulnerability assessments, and computer security responses. Create new and manage existing RMF packages using eMASS (or the applicable Air Force system of record). The contractor shall provide Cyber surety support on first shift and manage ANG NOS Risk Management Framework (RMF) packages for three networks and complete the following tasks: Provide technical expertise to manage ANG enterprise Risk Management Framework Authority to Operate packages. Manage RMF packages for 2 enterprise networks, another separate but interconnected information system, and supports inheritance artifacts for 90 ANG wings. Create and maintain Plans of Action and Milestones (POA&M), waiver and technical feasibility documentation while ensuring the technical accuracy of all evidence provided for RMF packages Monitor relevant policies and regulations for changes that may affect the system Provide and/or develop supporting evidence for RMF IA controls Monitor DISA and other authority repositories for relevant security bulletins and alerts Develop and/or maintain policies and procedures documentation Review and implement current applicable assessment and authorization (A&A) documentation in compliance with DoD Cybersecurity policy and agency guidance, including DoD 8500 series, ICD 503, CNSS 1253, and NIST special publications.