The Alaka`ina Foundation Family of Companies (FOCs) has a need for talent with various skillsets to support one of our potential customers located out of various US locations, nationally and internationally. Locations to support: Andersen AFB, Guam; Diego Garcia (BIOT) (GSU); Eielson AFB, Alaska; Joint Base Elmendorf-Fort Richardson (JBER), Alaska; Joint Base Pearl Harbor-Hickam (JBPH-H), Hawaii; Kadena AB, Japan (Okinawa), Kunsan AB, South Korea; Misawa AB, Japan; Osan AB, South Korea; and Yokota AB, Japan.

Positions to fill:

1. Assessment & Authorization (A&A) Products (U.S. Secret Clearance required);

The SMEs will create Comprehensive DIACAP or RMF products for the theater circuits/enclaves via eMASS as required. Theses product must include all requirements IAW applicable DoD and AF Instructions.

The SMEs will assist the government in the creation, consultation, revision, finalization, submission of the of deliverables for DIACAP and RMF to include but not limited to the following:

For DIACAP:

1. System Identification Profile (SIP).
2. DIACAP Implementation Plan (DIP).
3. System Topology.
4. DIACAP Scorecard.
5. Security Validation Report.
6. Plan of Action and Milestones (POA&M).
7. Artifacts (Evidence Control has been met, i.e. STIG/Scan results, Policies, Charters etc. unit provided).

For RMF:

1. System Security Plan.
2. Ports Protocol Services Matrix (enclave).
3. Artifacts for control validation (STIG results, Policies, Scans, Charters, etc., unit provided)
4. Plan of Actions and Milestones.
5. System Topology.

_____________________________________________________________________________________________________________________

2. Command Cyber Readiness Inspection (CCRI) Products (U.S. Secret Clearance required);

The SMEs shall create CCRI score and Risk Assessment Report using DISA CCRI Scoring and Risk Assessment tools.

DELIVERABLES:

• Estimate of Wing/base CCRI Score (Cyber Readiness Review Report).
• Risk Assessment Report (residual risk and mitigation plan).

REQUIRED SKILLS AND EXPERIENCE:

1. Requires certification in: DoD 8570.1-M certified at IAT Level III* and expertise in the following DoD, AF, DISA, NIST, NIAP and PACAF processes is required:
2. DISA Connection Approval Process vehicles (e.g. SNAP, SGS (GIAP), CDS-approval).
3. Federal Information System Management Act (FISMA) compliance vehicle - AF centralized repository for FISMA reporting is Technology Investment Portfolio Suite (ITIPS).
4. AF System Assessment and Accreditation (A&A) process vehicles (e.g. Enterprise Mission Assurance Support Service (eMASS), AF PPSM, AF Software Approval) to produce Authority to Operate (ATO), Interim Authority to Operate (IATO), Authority to Connect (ATC), Interim Authority to Connect (IATC)).
5. Command Cyber Readiness Inspection process vehicles (e.g. CMRS, Assured Compliance Assessment Solution (ACAS), End Point security (formerly HBSS), DISA Checklist, such as STIGs, CND Directives, TASKORDs, FRAGO)
6. USCYBERCOM/DISA CCRI Scoring Tools (option to utilize the AF "Cyber Ready 365").
7. Proficiency in Microsoft Office Suite products and SharePoint collaborative tools used in tracking and reporting A&A actions.
8. In-depth experience with DISA STIGs and by-product analysis.

___________________________________________________________________________________________________________________________

3. A3/A6IS Theater Vulnerability Analyst SME (U.S. Secret Clearance required);

• The Analyst SME will be assigned to work directly with A3/A6IS Staff (based onsite at JBPH-H Hawaii) on preparing and guiding the command toward a comprehensive vulnerability management and situational awareness overview to include trend and analysis.
• Will interface with base comm squadrons, the 690th Cyber Operations Squadron and provide A36 leadership a depiction of PACAF Wings ability to scan (ACAS), mitigate (SCCM) and maintain Host Based point products mandated by the DoD (End Point Security formerly known as HBSS).
• In addition, the analyst will utilize CCRI reports from the DISA J3 website on SIPRNet to advise PACAF A36IS of findings of concern.
• The SME will have view rights only to SIPRNet and NIPRNet vulnerability tools in order to analyze and compile data for leadership.
• Cyber Readiness Reviews conducted by the A36IS Cybersecurity team will also be analyzed for trends and consolidated for an overview (with root cause and recommendations) of PACAF enterprise shortfalls.
• Deliverables below will be in Microsoft Power Point and will be presented to PACAF Director of Cyber Forces (DC4) when updated or a significant event will potentially impact missions.
• This SME will augment assessment teams as required.

REQUIRED SKILLS AND EXPERIENCE:

1. Requires certification in: DoD 8570.1-M certified at IAT Level III* and expert in the following DoD, AF, DISA, NIST, NIAP and PACAF processes is required:
2. Working Knowledge of DoD approved Scanning Tools (ACAS).
3. Working Knowledge of Microsoft SCCM.
4. Familiarization of End Point Security Point Product requirements.
5. Ability to analyze, and develop cyber vulnerability information into an understandable presentation.
6. Proficiency in Microsoft Office Suite products and SharePoint collaborative tools to build trend analysis.
7. In-depth experience with DISA STIGs and by-product analysis.

DELIVERABLES:

• Command wide SIPR and NIPRNet Vulnerability Status (number of CAT I vulnerabilities per device) Monthly.
• Command wide SIPR and NIPRNet End Point Security Status (monthly).
• Command wide SIPR and NIPRNet SCCM health (server and client).

___________________________________________________________________________________________________________________________

4. A3/A6IS Theater Security Cooperation Cyber SME (Top Secret/SCI);

• The Cyber SME will be under PACAF A36IW to support the US State Department/USPACOM/PACAF Theater Security Cooperation, specifically how it relates to Cyber and Cybersecurity.
• Will be required to travel throughout the AOR to our mission partner locations and in some cases escort them to events held CONUS.
• Other duties include attending US PACOM Command and Control Interoperability Boards (CJCSI 6010.01a), partner country intelligence briefings (cyber intel) (Requires TS clearance), etc.
• Shall develop and present/share Cyber Security best practices to counterpart mission partner country Cyber SMEs with the intent of strengthening relationships and ensuring information we share is secured with regard to personnel, technology, and policy.
• All presentations developed for mission partners must be approved by A36IW and the Foreign Disclosure Office at US PACOM.

REQUIRED SKILLS AND EXPERIENCE:

1. Requires certification in: DoD 8570.1-M certified at IAT Level III* and expert in the following DoD, and commercial best practices:
2. In-depth knowledge of network security architecture.
3. Ability to speak in public.
4. Familiarization with cyber security assessment tools.
5. Ability to analyze cyber vulnerability information and customize presentations for specific country.
6. Proficiency in Microsoft Office Suite products and SharePoint collaborative tools to build trend analysis.
7. Ability to grade mission partner's Cyber Readiness (maturity model).

DELIVERABLES:

• Approved (FDO and A36IW) curriculum and presentations
• Trip Reports following engagements
• Assessment of cyber security (maturity) of mission partners supported by PACAF A36

_________________________________________________________________________________________________________________________

5.Comm Squadron Defensive Cyber SME (Top Secret/SCI);

• Cyber SMEs will support the AF CIO's Cyber Squadron-Initiative (CS-I).
• SMEs will be integrated into a team of DoD Civilians and Military and required to assist and execute on mission assurance strategies with regard to protecting and defending Key Cyber Terrain which has been identified with a mission set. Secure, Monitor and Defend methodology.
• The SMEs shall work with the team to develop Cyber Threat Analysis and Vulnerability Analysis.

REQUIRED SKILLS AND EXPERIENCE:

Will require certification: DoD 8570.1-M certified at IAT Level II, as well as Certified Ethical Hacker and expert in the following DoD, and commercial best practices:

1. In-depth knowledge of network security architecture.
2. Knowledge of network and system monitoring/auditing tools.
3. Perform key asset scanning, monitoring, patching defending.
4. Ability to analyze cyber vulnerability information and recommend mitigations.
5. Proficiency in Microsoft Office Suite products and SharePoint collaborative tools to build trend analysis.
6. Deploy and implement network/system sensors.
7. Assist in the development of TTPs to respond to threat assessments.
8. Perform real time monitoring.
9. Perform log collection and analysis.

___________________________________________________________________________________________________________________________

6. Comm Squadron Functional Mission Analyst (Top Secret/SCI);

The Mission Analyst will support the AF CIO's Cyber Squadron-Initiative (CS-I).

The analyst shall provide critical information gathering and analysis for mission assurance to include:

• Identify mission
• Identify and document key cyber elements
• Identify mission and cyber asset cross dependencies
• Identify POCs and operational/maintenance support mechanisms
• Identify impact to mission based on loss or degradation of service

REQUIRED SKILLS AND EXPERIENCE:

Will require knowledge and a background of mission operations and how they can be impacted by cyber vulnerabilities and threats.

1. Knowledge network security architecture
2. Knowledge of USAF mission sets at a Wing Level (Plans)
3. Ability to map mission to critical enablers (logistics tail from start to end of mission)
4. Assist in the development of TTPs
5. Proficiency in Microsoft Office Suite products and SharePoint collaborative tools to build trend analysis
6. Engage mission owners/partners to assist CS-I team in the mapping of cyber key assets

This effort will be continuous as missions are dynamic and occur at different intervals.

DELIVERABLES:

• Mission Identification List.
• Key Cyber Elements Documentation.
• Mission and Cyber Dependencies Matrix.
• Key Mission/Operational POC List.
• Mission Impact Analysis based upon Cyber loss or degradation.

REQUIRED CITIZENSHIP AND CLEARANCE:

• Must be a U.S. Citizen.
• Must have an active Top Secret U.S. clearance.

The Alaka`ina Foundation Family of Companies (FOCs) is a fast-growing government service provider. Employees enjoy competitive salaries. Eligible employees enjoy a 401K plan with company match; medical, dental, disability, and life insurance coverage; tuition reimbursement; paid time off; and 11 paid holidays.

We are an Equal Opportunity/Affirmative Action Employer. We are proud to state that we do not discriminate in employment decisions on the basis of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. If you are a person with a disability and you need an accommodation during the application process, please click to request accommodation. We E-Verify all employees.

The Alaka`ina Foundation Family of Companies (FOCs) is comprised of industry-recognized government service firms designated as Native Hawaiian Organization (NHO)-owned and 8(a) certified businesses. The Family of Companies (FOCs) includes Ke`aki Technologies, Laulima Government Solutions, Kpono Government Services, and Kapili Services, Po`okela Solutions, Kkaha Solutions, LLC, and Pololei Solutions, LLC. Alaka`ina Foundation activities principally benefit the youth of Hawaii through charitable efforts which includes providing innovative educational programs that combine leadership, science & technology, and environmental stewardship.

For additional information, please visit

#ClearanceJobs

#LI-JS1