Provides cybersecurity vulnerability remediation and mitigation support for all detected/known vulnerabilities across all applicable WBAMC assets. Remediate vulnerabilities within any defined suspense date (i.e. Cyber Command IAVA, DoD/DHA task order (TASKORD), DoD Control Correlation Identifier (CCI)). Provide mitigation strategies where remediation of the vulnerability cannot be executed prior to suspense date. Provide a Cybersecurity POA&M status report and their Plan of Action with Milestone (POA&M) tasks and dates to the WBAMC Information Systems Security Manager (ISSM) as needed. Evaluate existing mission systems to provide analysis on Risk Management Framework (RMF) documentation/artifacts to ensure compliance with Army, DODO and National Institute of Standards and Technology (NIST) and current Best Business Practices (BBP).
Essential Functions:
· Create, review, and provide recommendations on a WBAMC RMF SOP that explain how to execute the WBAMC RMF business procedures and templates IAW with the Army/DHA regulations, policies, guidance, and BBPs.
· Provide an RMF Artifact Document for review the DoD, DHA, and WBAMC RMF business process to provide guidance to WBAMC organizations. The Contractor shall recommend, prepare, and deliver RMF artifact document templates which are compliant with DOD, DHA, and DA business process requirements.
· Identify, mitigate, and resolve Cyber Security (CS) issues and concerns. Develop/contribute to guidelines/plans/policies, analyses and reviews that require CS expertise in the areas of security incident response, CS ticket assignment, tracking and response, vulnerability scans, security assessments, accreditation/certification, Program Protection Plan (PPP) evaluation, and other CS related activities and mandates.
· Provide trained employees who can provide RMF recommendations and guidance; receive, review, and assist with the preparation and delivery of RMF artifacts and documentation; and track and monitor RMF status. The Tenant Security Plan (TSP) is an Army subset requirement of RMF. The Contractor shall maintain established RMF procedures and documentation to enable WBAMC to maintain and update the required RMF documentation as appropriate.