Camber Corporation Cybersecurity Support for LVC M&S Federations & Systems 15728 in Einsiedlerhof, Germany
Camber is seeking cybersecurity support for LVC M&S Federations and Systems support at the Warrior Preparation Center (WPC).
The Contractor shall provide cybersecurity support for all WPC LVC M&S Federations and Systems to enable the WPC to obtain/maintain cybersecurity approval to connect to allied, coalition and partner nation distributed training centers (DTCs) and associated network systems and training devices. The Contractor shall provide cybersecurity advice, guidance, recommendation and review of identified products created by units for their specific sites to comply with Federal, DoD and USAF IA policies. The Contractor shall support the sustainment of the accredited cybersecurity posture of the WPC’s domain enclaves by actively tracing and maintaining each network’s cyber-vulnerability level and system compliance to applicable DISA STIGS and SRGs. The Contractor shall serve as the operational and maintenance lead for the WPC’s ACAS systems and scan/report production processes.
Provide technical inputs for CVM and RMF POA&Ms regarding remediation timelines and vulnerability mitigation to sufficient detail;
Provide complete scan reports of each network monthly, and after any major network reconfiguration, in the required format for reporting/submission into the appropriate CVM repository;
Troubleshoot and research problems with systems that do not provide a complete or fully credentialed scan result and resolution;
Accomplish vulnerability remediation (e.g., patches and updates) as well as STIG/SRG configuration compliance actions on domain core services systems and workstations in coordination with and support of the WPC SC Directorate personnel;
Maintain list of active hosts on the different networks and the corresponding basic inventory listings of software used in order to determine which STIGS and/or SRGs should be applied;
Research proposed configuration updates/changes and apply a “patch and test” approach as appropriate to determine if a particular configuration update/change will have a detrimental effect on the WPC processes and mission, and make a determination on application in the operational environment;
Accomplish STIG/SRG checklist updates and reporting quarterly, tracing both automated compliance scans and manual STIG checklists as applicable;
Track and report compliance of configuration changes based on USCYBERCOM-driven tasking orders or other DoD short notice threat response notifications;
The Contractor shall be familiar with Microsoft Windows environment, UNIX, Linux, Hyper convergence technology, VMWare and VDI zero client architecture;
The Contractor shall possess at least 10 years’ experience as a MCSE or RHCSA, and be certified as a Certified Information Systems Security Professional (CISSP).The Contractor must also possess experience with ACAS or Tenable Nessus vulnerability scanners.The Contractor must also have experience supporting LVC M&S distributed training systems and Distributed Training Centers (DTCs);
The Contractor shall provide guidance and subject matter expertise of DoD and USAF policies and instructions related to the certified and accredited (C&A) processes; USAF Security, Interoperability, Supportability, Sustainability and Interoperability (SISSU) activities; DoD enterprise Mission Assurance Support Services (eMASS) web based tool used to implement the DoD Information Assurance (IA) C&A Process; the USAF Certification and Accreditation Process (AFCAP) and DoD’s RMF;
The Contractor shall provide security engineering to implement security controls and ensure they do not degrade performance and availability requirements needed to execute and sustain LVC M&S exercises and events;
The Contractor shall report security findings and issues associated with the RMF process to WPC SC Directorate personnel;
The Contractor shall provide LVC M&S cybersecurity, including but not limited to:collaboration with WPC SC Directorate personnel to address C&A; conduct technical exchange meetings; review system architecture and Defense Information Assurance Certification and Accreditation Process (DIACAP) or RMF as well as the respective C&A documentation; document problem areas and provide recommendations for resolution; conduct site visit follow-up on issues and resolutions; document recommendations for process improvements; provide lessons learned quarterly; conduct annual security reviews and provide annual report; and provide customer service support to installation sites as directed by the Government.
The Contractor shall review system artifacts (e.g., documents) for accuracy and perform hands-on testing of system security features;
The Contractor shall conduct facility site visits to observe the actual processes related to each IA control (technical, personnel, operational, or management in nature);
The Contractor shall utilize tools such as Retina and Nessus scanners, DISA System Readiness Review (SRR) and Gold Disks, and database and web server security tools;
The Contractor shall perform hands-on validation of IA control implementation in LVC M&S and shall base assessment primarily on the validation procedures of the DIACAP or RMF Knowledge Service and DISA STIGS; and
The Contractor shall assist the WPC in achieving consistent application/implementation of network and security system policies, countermeasures, and procedures under development and fielded to user sites; and assessing the accuracy and completeness of system accreditation packages in accordance with DIACAP/RMF to increase the WPC’s cybersecurity posture.
The Contractor shall assist as required in maintaining and updating the following documents:Information System Contingency Plan, Configuration Management Plan, Risk Management Plan, Vulnerability Management Plan, Patch Management, Incident Response Plan, Continuity of Operations Plan (COOP) and Disaster Recovery Plan (DRP).
Desired Education and Experience:
A bachelor's degree plus 3 years of functional experience, OR; An associate's degree plus 7 years of recent specialized experience OR 11 total years of recent specialized experience.
Clearance: Secret. The selected applicants will be subject to a security investigation and must meet eligibility requirements for access to classified information.
Camber is now part of the Integrated Mission Solutions Group of Huntington Ingalls Industries Technical Solutions Division.
Camber Corporation employs a diverse mix of skilled professionals who apply their knowledge and experience to creating innovative new solutions for a variety of Government, commercial, and international customers.
Founded as an 8(a) company in 1990, Camber Corporation’s management had the entrepreneurial vision to recognize how existing and emerging technologies could help solve long-standing as well as newly identified problems in the public sector market.
Camber’s initial success with our first customers brought additional work resulting in the hiring of energetic and creative new employees. Within five years, Camber was named to Inc. ’s list of fastest growing companies in the United States (1995, 1996) specializing in: Aviation Sensors and Simulations; Chemical, Biological, Radiological, Nuclear, and Explosives (CBRNE) research and development; training and logistical support; project management using Earned Value Management Systems (EVMS); training; and information technology support.
Camber graduated from its 8(a) status in 1998 and has continued to add highly specialized capabilities to its portfolio of services to include: Agile Software Engineering & IT; All Hazards; Modeling, Simulation and Training; Unmanned Systems, Intelligence Analysis and Operations; and Engineering and Management. We are accredited in national and international standards, including ISO 9001:2008, ISO 20000, and CMMI ML-3, and use these standards to ensure our services and products are consistent and of the highest quality.
Camber Corporation is headquartered in Huntsville, AL with a major workforce concentration in the Washington D.C. / National Capital Region and other locations in the U.S., Europe, the Middle East and Asia.
Camber Corporation is an Equal Opportunity Employer EOE/AA Minorities/Females/Veterans/Disabled