Kwajalein Atoll is part of the Republic of the Marshall Islands (RMI) and located approximately 2,130 nautical miles west southwest of Honolulu, Hawaii. The major tenants are U.S. Army Space and Missile Defense Command/Reagan Test Site and United States Army Garrison – Kwajalein, an activity under the U.S. Army Installation Management Command. Other key tenants include National Aeronautics and Space Administration, Massachusetts Institute of Technology, Missile Defense Agency, U.S. Air Force, and Department of Energy. 

By Light is looking for personnel to deliver comprehensive, integrated, end-to-end Information Technology services, logistics support, and business operations support. Personnel will reside in Government housing, there are no privately-owned automobiles; bicycles or walking are the standard means of transportation; Department of Defense School System is available for kindergarten through 12th grade, a small base exchange and one grocery store is available; a hospital provides very limited outpatient services and limited emergency services. Morale and recreation activities range from SCUBA diving, snorkeling, fishing, surfing, boating, swimming, golf, and tennis.

• Provide DOD PKI services including directory support, certificate validation, registration, interface to related Army systems, and required key management services.
• Provide PKI authentication for user devices, such as alternate Smart cards or tokens, and applications to discover and utilize global information services data and enable CAC  Cryptographic Logon (CCL) (when applicable), for controlling logical access.
• Annotate services in Remedy or other tracking system.
• Request, receive, and install system PKI certificates.
• Provide vulnerability assessment support, to include risk analysis of vulnerabilities, threats, and the impact of losing systems' capabilities on the mission objective.
• Recommend decisions to implement security countermeasures or mitigate risk; implement approved countermeasures; and perform periodic reviews.
• Perform a weekly system compliance scan using DOD tools, such as the Assured Compliance Assessment Solution (ACAS).
• Recognize possible threats and review evaluations for compliance and noncompliance.
• Provide updated vulnerability risk assessments based on input from U.S. Cyber Command (CYBERCOM) and coordination with other Federal/state agencies, as appropriate.
• Provide analysis and reports for known or potential vulnerability risks.
• Assess the effectiveness of countermeasures based on the information gathered from risk assessments.
• Provide the Government with cybersecurity functional support for assessments, authorizations, and documentation of fielded systems managed by the 30th Signal Battalion NEC.
• Provide support for the independent assessment of compliance of information systems with DoD RMF standards using DoDI 8510.01.
• Monitor and report Approval to Connect (ATC) and Authority to Operate (ATO) expiration dates quarterly, ensuring authorization milestones meet all DOD published regulations and policies to avoid disconnection.
• Control, protect, safeguard, and account for all COMSEC, CCI, and/or CHVP IAW AR 380-40, AR 710-2, TB 380-41, Local Standing Operating Procedures, and other Army, DoD and National level policy.
• Support data calls and site visits for planning and implementing Defense in Depth for the network and/or enclaves by the Army Enterprise within the network IAW all DOD published regulations and policies.
• Perform the information assurance vulnerability management (IAVM) program for all installation and customer activities IAW all DOD published regulations and policies.
• Draft and maintain an IAVM Plan of Action and Milestones (POA&M) for all networks managed by NEC for Government review or approval.
• Monitor the Wireless Intrusion Detection System.
• Respond to negligent discharge of classified information (NDCI) incidents IAWDOD published regulations and policies and the 30th Signal Battalion Incident Response Plan.

• Bachelors’ degree or 6 years of relevant experience
• Minimum of five (5) years’ experience with DoD security hardening, collection, and assessment tools (STIGs, ACAS SCAP, Nessus, etc.) and experience with security architectures, firewalls, and network access.
• Possess a minimum of five (5) years’ experience in cybersecurity documentation and system authorization artifacts (System Security Plan, lifecycle documentation, continuous monitoring plan, Security Assessment Plan, Security Assessment Report, Risk Assessment, etc.).
• Have extensive knowledge of the Risk Management Framework (RMF)
• Certifications: DoD 8570.01-M, IAT II – COMPTIA Security+.

• Supported the U.S. Army or other DoD/Federal Agency.
• Has the communication skills to effectively interface with senior military officials, managers, and subordinates.

• U.S. Citizen
• Secret Security Clearance