Focus is on three functional areas;
- Information Security Engineering, Design and Implementation support;
- Information Security Operations and Operational Support;
- Continuity of Operations and Disaster Recovery (COOP/DR) development and support.
a: Security Engineering, Design, and Implementation Tasks include but are not limited to:
- Assess the effectiveness of the existing cyber security program, including identification of the strengths and weaknesses of the infrastructure/network installation, applications and application services, critical utilities, and implemented communication technologies;
- Analyze and evaluate network, subsystems, components, controls and security criteria for vulnerabilities and weaknesses;
- Define and manage a security infrastructure roadmap in collaboration with the customer's networks and security organizations;
- Lead and support as necessary, projects that implement next generation access and security infrastructure components;
- Provide technical design, implementation planning, testing and troubleshooting expertise for security infrastructure components;
- Investigate and utilize new technologies, tools and techniques to enhance security capabilities and performance;
- Recommend countermeasures, security techniques, tools and vendor products to mitigate security vulnerabilities and strengthen the overall security posture.
b: Operations and Operational Tasks include but are not limited to:
- Monitor and manage the overall security posture using appropriate tools and technologies;
- Identify necessary Incident Response actions needed to mitigate threats, steps needed to restore services, and appropriate Security Event and Incident Management (SEIM) tools;
- Perform security monitoring, data/log and forensic analysis, to proactively detect security incidents and threats;
- Plan for and perform periodic security audits to validate that the security posture satisfies IS and facility security requirements;
- Develop Standard Operating Procedures (SOPs) for the monitoring and management of the overall IS and facility security posture;
- Use best practices and standards recommended by NIST and the DoD, to include Security Technical Implementation Guides (STIGs), and Vendor/Manufacturer recommendations;
- Implement and document risk assessments to include continual processes and procedures.
c: Continuity of Operations and Disaster Recovery (COOP/DR) Tasks include but are not limited to:
- Develop specific Contingency Plans (CPs) that define and describe actions that must be taken to protect network assets from damage in the event of a disaster or emergency;
- Develop a basic recovery strategy, including specifications for recovery procedures by system/subsystem/component/ priority;
- Identify recovery priorities, and define specific responsibilities for various organizational elements;
- Identify facilities and resources that can be used to provide COOP/DR short term and long-term support;
- Coordinate with the customer and the Operations Group to periodically test the COOP/DR processes and procedures;
- Update various documents and SOPs with lessons learned from the tests.