Program Manager for Cyber Security Information & Program Services
Ref No.: 18-04130
Location: Washington, District of Columbia
Start Date / End Date: 09/01/2018 to 08/31/2022
Order # RFQ1289294
Job Title Program Manager for Cyber Security Information & Program Services
Number of positions 1
Number of resumes 2
Resume Due 06/15/2018 EOD

Description:
The Contractor shall, on an individual call order basis, provide the following support services to the OCIO, the Office of the Chief Information Security Officer (OCISO) organization, or other DOT components.

1. Information Assurance Program / Project Support
2. Disaster Recovery and Business Continuance Operations support
3. Cyber Security Management Support (Technical)
4. Information Assurance Policy, Planning and Security Training Support
5. Information Security Assessment Services and Support
6. Information System Security Administration and Engineering Support

Job Duties

The Contractor shall provide support to leadership and subject matter expertise for cybersecurity operations and information assurance activities relating primarily to the department's implementation of Office of Management and Budget memoranda, Executive Orders, the Federal Information Security Modernization Act (FISMA), the Department of Homeland Security, and Departmental cybersecurity priorities.

TASK AREA 1: Information Assurance Program Support

The Contractor shall perform the following services:

a) The Contractor shall provide project oversight, coordination and management for each work task as required in accordance with general project management principles.
b) The Contractor shall provide Information Assurance assistance and support for operations, business, and administrative functions such as planning, organizing, managing, coordinating, and tracking (e.g. report management, cost/schedule/performance measurement, risk management, data management).
c) The Contractor shall support coordination with functional teams to gather documentation and draft responses for all audit or evaluation activities, i.e. FISMA, Office of Inspector General (OIG), General Accounting Office (GAO) audits, and other audits.
d) The Contractor shall provide assistance in assembling Operating Administration responses to OIG and other inquiries and data calls, as directed by the operating administration.
e) The Contractor shall provide support for Information Assurance data within Cyber Security Assessment and Management (CSAM) to ensure accuracy of content including but not limited to POA&Ms, system status and system data within assessment motives.
f) The Contractor shall provide programmatic assistance and guidance to system owners, as requested.
g) The Contractor shall provide support for maintaining core system documentation, via standardized templates, technical guides and baseline management with supporting checklists.

TASK AREA 2: Disaster Recovery and Business Continuance Operations Support

The Contractor shall provide support to leadership and subject matter expertise for information assurance activities to support the continuity of operations / mission of information systems. The contractor shall provide contingency planning program support, in accordance with National Institute of Standards & Technology (NIST) Special Publication 800-34 Revision (Current), Contingency Planning Guide for Federal Information Systems.

The Contractor shall perform the following services:
a) The Contractor shall provide project oversight, coordination and management for each work task as required in accordance with general project management principles.
b) The Contractor shall execute activities within the information system contingency planning process, providing technical advice and guidance in business continuity/COOP program development, conducting vulnerability and risk analysis, and providing support to ensure that business processing, recovery criticality and resource requirements are identified and aligned with information system resources and recovery priorities to support the continued operation of the mission.
c) The Contractor shall develop contingency planning documentation and ensure its completeness and quality, including but not limited to the business impact analysis, backup and recovery strategies and requirements analysis, information system contingency plan(s) (ISCP), and information system contingency plan test plans.
d) The Contractor shall execute information system contingency plan testing in accordance with NIST SP 800-34 Revision (Current), Guide to Test, Training and Exercise Programs for Information Technology Plans and Capabilities, ensure results are documented in an after-action report, and ensure Lessons Learned corrective actions are captured for updating information in the ISCP.
e) The Contractor shall provide information system contingency training for personnel with contingency plan responsibilities focusing on familiarizing them with ISCP roles and teaching skills necessary to accomplish their roles in a system recovery capacity.
f) The Contractor shall keep abreast of latest tools, processes and trends in the contingency industry and apply them (as appropriate) to the contingency process.
g) The Contractor shall support operating administration activities and data calls associated with COOP, critical infrastructure planning, business continuity planning, contingency planning, and backup and recovery.

TASK AREA 3: Cyber Security Management Support (Technical)
Cyber Security Management Support provides subject matter expertise in technical cyber security services that incorporate and maintain appliances and techniques to monitor and increase the security posture of information systems.

The Contractor shall perform the following services:
a) The Contractor shall provide cyber security expertise, applying information security principles and a systems engineering approach to information system (operating system, database, application or network based) weaknesses, vulnerabilities and remediation efforts, and to assessing and managing risk.
b) The Contractor shall provide project oversight, coordination and management for each work task as required in accordance with general project management principles.
c) The Contractor shall perform periodic security architecture analysis/reviews and vulnerability, database and application scanning; work within the approved process to conduct the remediation of identified vulnerabilities and the validation activities that ensure each weakness is fully remediated; and analyze information security systems and applications, recommending and developing security measures to protect information against unauthorized modification or loss.
d) The Contractor shall provide reports analyzing enterprise vulnerabilities, emerging threats, and mitigation strategies against current information assurance standards.
e) The Contractor shall provide current-trends reports on the threat landscape (new attack vectors, insider threats, malware, network or other threats as they are first seen, and currently active attackers); develop presentations, spreadsheets, or other materials as may be deemed appropriate for the reporting; and recommend appropriate controls to ensure integrity and confidentiality while also ensuring mission continuity.
f) The Contractor shall aid in the development of comprehensive operational procedures and guidelines that will support the mission and ensure compliance with Federal and DOT security requirements.

TASK AREA 4: Information Security Policy and Training Support
Information Security Policy and Training Support provides the department with subject matter experts to aid in the development and maintenance of policies, standards, directives and requirements that address all requirements and cost-effectively reduce information security risks to an acceptable level throughout the lifecycle of each information system, and program support for adhering to the Federal Cyber Security

The Contractor shall perform the following services:
a) The Contractor shall provide subject matter expertise in the development of cybersecurity policy, and support in assessing new Federal initiatives, evolving threats and best practices, and audit and compliance information, in order to identify and recommend changes to existing policies and guidance or the implementation of new policies and guidance.
b) The Contractor shall provide support in the assembly of requirements, drafting of cybersecurity guidance and policy, coordination of draft document reviews, facilitation of the adjudication of comments, and preparation of near-FINAL documents for review and signature.
c) The Contractor shall provide support in the development, coordination, and operation of a basic security awareness training program including, but not limited to: development of training requirements; development of draft training content and materials; coordination of publication of training content to the DOT training management system(s); supporting problem resolution for personnel taking the training; aggregating and reporting upon training performance; and recording of training performance within the authoritative training management system(s).
d) The Contractor shall provide support in the development, coordination, and operation of a specialized, role-based cybersecurity training program for professionals, including, but not limited to: development of draft training content and materials; coordination of publication of training content; and developing and supporting the presentation of specialized training courses throughout the year.
e) The Contractor shall aggregate and report upon training performance, record training performance within the authoritative training management system(s), and maintain Security Awareness Training records in CSAM and the training scorecard to ensure that employees (both Government and Contractor) receive security awareness training and role-based information security technical training as required, maintaining records of that training.
f) The Contractor shall provide support in the development, coordination, and implementation of National Cybersecurity Awareness Month presentations and activities to include but not limited to: participation on program calls for the national Stop! Think! Connect! Campaign; development of presentation materials; development and coordination of event plans, schedules, speakers and facilities to ensure a timely and smooth implementation of the event(s); coordination with other cybersecurity stakeholders as appropriate for the development and presentation of awareness sessions and content.

TASK AREA 5: Information Security Assessment Services and Support
Information Security Assessment Services and Support provides subject matter experts who will standardize the Risk Management Framework (RMF), which includes the independent[1] Security Assessment and Authorization (SA&A) activities, establishing common processes and deliverables for all enterprise systems.
The Contractor shall provide program support and conduct security assessments annually or as required for over 100 applicable information systems; duties include:
a) The Contractor shall provide support for conducting security controls assessments in accordance with DOT policies and procedures for implementation of the Risk Management Framework, including development of security assessment plans and assessment reports compliant with NIST SP 800-53A Revision (Current) and NIST SP 800-37 Revision (Current), and update of risk assessment reports compliant with NIST SP 800-30 Revision (Current).
b) The Contractor shall monitor the status of SA&A on all systems, maintaining a suspense calendar to assure that activity to renew and/or update SA&A packages is launched in a timely manner.
c) The Contractor shall perform reviews of system owner-developed documentation, monitoring Plans of Action and Milestones (progress and completion) and verifying that POA&M artifacts are valid.
d) The Contractor shall conduct periodic penetration testing based on system classification or category.
e) The Contractor shall provide assistance in developing and conducting entrance and exit briefings to ensure good communication of schedules and expectations, and a clear understanding of findings, weaknesses and/or requirements.
f) The Contractor shall provide support to develop and maintain sound IT security policies, procedures, templates, and checklists for assessments, including providing recommendations on IT security requirement solution options, developing solution migration/implementation plans, and assisting with risk measurement/determination.
g) The Contractor shall provide all personnel to perform technical evaluation and compliance support. The Contractor shall ensure that evaluation and compliance assessments are managed in accordance with a project plan developed by senior personnel holding a verifiable and current Certified Information System Security Professional (CISSP) or Certified Information System Auditor (CISA) certification; junior personnel shall hold at least a Certified Authorization Professional (CAP) or Systems Security Certified Practitioner (SSCP) certification while progressing toward their senior certification of CISSP and/or CISA. Contractor personnel shall attain the CISSP, CISA, or Associate CISSP or CISA designation (depending upon the seniority of the personnel within the profession) within six months of task order award, and maintain it throughout the task order period of performance.

[1] NIST 800-37r1: An independent assessor is any individual or group capable of conducting an impartial assessment of security controls employed within or inherited by an information system. Impartiality implies that assessors are free from any perceived or actual conflicts of interest with respect to the development, operation, and/or management of the information system or the determination of security control effectiveness.

TASK AREA 6: Information System Security Administration and Engineering Support
The Contractor shall evaluate, recommend and implement new security products for use within the enterprise that will improve the effectiveness of mission and security operations. The staff shall remain current on technology and provide timely information and recommendations on current and emerging technologies that would improve services or reporting capabilities.
The Contractor shall perform the following services:
a) The Contractor shall provide technical expertise and guidance in the design of new application and database configurations and connectivity options that will provide prompt, reliable and high quality information security solutions.
b) The Contractor shall use advanced knowledge to fully administer cyber security systems and provide technical recommendations to maintain and improve mission functionality.
c) The Contractor shall conduct security studies, to include gathering information for analysis, preparing documents, and providing recommendations concerning the security
d) The Contractor shall advise on IT security requirement solution options, develop solution migration/implementation plans, and assist with risk measurement/determination.

Experience and Qualification

General Skills: Contractor personnel shall possess the following general skills:
• Proficiency in verbal and written communications.
• Proficiency in interpersonal skills.
• Proficiency in handling multiple tasks concurrently.
• Proficiency in project and time management.
• Ability to adjust to changing priorities.

Technical Skills: Contractor personnel shall possess the following technical skills:
• Knowledge of DOT IT security policies and implementation standards, and comprehensive understanding of NIST guidance to include, but not limited to, NIST Special Publications and Federal Information Processing Standards.
• Proficiency in applying IT security concepts, methodologies, principles and procedures, and in using industry-standard IT security tools.
• Proficiency with enterprise architecture methodologies, concepts, procedures, principles, and tools.
• Proficiency in contingency planning and backup and recovery best practices and application of NIST guidance in this area.

Certifications
The Contractor shall be responsible for employing sufficient qualified management, technical, and support personnel to perform all tasks as ordered in specific task orders, including personnel holding applicable industry certifications.

Examples of certifications that may be applicable (non-exhaustive):
• ISC2 (International Information Systems Security Certification Consortium)
• ISACA (Information Systems Audit and Control Association)
• SANS (System Administration, Networking and Security Institute)
• EC-Council
• Microsoft
• Cisco
• ITIL (Information Technology Infrastructure Library)