|Performs risk management framework security determinations of fixed, deployed and mobile information systems (IS) and telecommunications resources to monitor, evaluate and maintain systems, policy and procedures to protect clients, networks, data/voice systems and databases from unauthorized activity. Identifies potential threats and manages resolution of communications security incidents. Enforces national, DoD and Air Force security policies and directives to ensure Confidentiality, Integrity and Availability (CIA) of IS resources. Administers and manages the overall cybersecurity program to include Emissions Security (EMSEC) and Computer Security (COMPUSEC) programs. Conducts cybersecurity risk management framework assessments; ensures enterprise cybersecurity policies fully support all legal and regulatory requirements and ensures cybersecurity policies are applied in new and existing IS resources. Identifies cybersecurity weaknesses and provides recommendations for improvement. Monitors enterprise cybersecurity policy compliance and provides recommendations for effective implementation of IS security controls. Evaluates and assists IS risk management activities. Makes periodic evaluation and assistance visits, notes discrepancies, and recommends corrective actions. Audits and enforces the compliance of cybersecurity procedures and investigates security-related incidents, classified message incidents, classified file incidents, classified data spillage, unauthorized device connections, and unauthorized network access. Develops and manages the cybersecurity program and monitors emerging security technologies and industry best practices while providing guidance to unit level Information Assurance (IA) Officers. Responsible for cybersecurity risk management of national security systems during all phases of the IS life cycle through Remanence Security (REMSEC). Integrates risk management framework tools with other IS functions to protect and defend IS resources. Advises cyber systems operations personnel and system administrators on known vulnerabilities and assists in developing mitigation and remediation strategies. Provides CIA by verifying cybersecurity controls are implemented in accordance with DoD and Air Force standards. Analyzes risks and/or vulnerabilities and takes corrective action to mitigate or remove them. Ensures appropriate administrative, physical, and technical safeguards are incorporated into all new and existing IS resources through certification and accreditation and protects IS resources from malicious activity. Performs EMSEC duties in accordance with national and DoD EMSEC standards. Denies unauthorized access to classified, and in some instances, unclassified information via compromising emanations within a controlled space through effective countermeasure application. Ensures all systems and devices comply with national and DoD EMSEC standards. Inspects classified work areas, provides guidelines and training, maintains area certifications, determines countermeasures; advises commanders on vulnerabilities, threats, and risks; and recommends practical courses of action. Responsible for oversight or management of installation Information Assurance awareness programs. Performs or supervises user cybersecurity awareness and training. Promotes cybersecurity awareness through periodic training, visual aids, newsletters, or other dissemination methods in accordance with organizational requirements. As part of the Cyberspace Support career field family, manages, supervises, and performs planning and implementation activities. Manages implementation and project installation and ensures architecture, configuration, and integration conformity. Develops, plans, and integrates base communications systems. Serves as advisor at meetings for facility design, military construction programs and minor construction planning. Evaluates base comprehensive plan and civil engineering projects. Monitors status of base work requests. Performs mission review with customers. Controls, manages, and monitors project milestones and funding from inception to completion. Determines adequacy and correctness of project packages and amendments. Monitors project status and completion actions. Manages and maintains system installation records, files, and indexes. Evaluates contracts, support, contingency and exercise plans to determine impact on manpower, equipment, and systems.
Special Requirements: Along with the duties specified in this description, this position may augment. Specific areas of responsibility include Information System Security Manager, TEMPEST program manager, project management, COMSEC Responsible Officer (CRO), Secure Voice Responsible Officer (SVRO). The communications section at the CRTC is responsible for providing this support to the CRTC, tenant units, and deployed personnel. Responsible for the vulnerability management program along with proficiency utilizing the tools provided by the AF (ACAS, eMASS, HBSS, etc…) as well as commercial cyber security tools required to meet local needs. Must be knowledgeable in the software certification process, IT portfolio management (ITIPS), DIACAP/RMF processes and procedures required to maintaining existing C&A/A&A for systems and enclaves. The ability to effectively interact with and support communications requirements to a wide variety of customers is imperative. Excellent verbal and written communications skills are required. Implements and interprets policies, directives and procedures. Evaluates effectiveness of equipment usage, systems performance, customer service, supplies, and system scheduling, processing, and maintenance. This position requires a broad experience base and flexibility to meet the need as it arises, and requires an individual who continues to improve their skills outside of the Monday through Friday workday. It is a high demand position, but is also rewarding for someone with a true passion for the career field as you will have the opportunity to work in many aspect of the 3DXXX field.