· Provide IT support services for all USG classified systems - Provide competent, on-site technical support at all locations as directed with classified information systems, ensuring that all activities are performed in compliance with all applicable USG requirements and system security plans.
· Create solutions that can be used by the business line and security as needed to ensure the security of USG classified resources.
· Meet and perform all functions associated with the certification, accreditation, and maintenance of new or existing United States Government (USG) classified information systems to include but not limited to:
· System lifestyle management
· Documentation and reporting
· Remediation of all security incidents that require action associated with classified information systems
· Identification of all tools and equipment required for the above activities within budget constraints
· Serve as primary point of contact for business line customers with regard to execution of all duties
· Provide continuous process improvement and internal audit capabilities
· Provide a training program that will certify internally all personnel in the skills necessary to perform all required duties
· Manage a budget for all activities
· Homogenize System Security Plan (SSP) Certification and Accreditation Efforts
· Create Standards for Compliance
· Ensure Reporting Compliance with Reporting Requirements Support the development of IS security education, awareness, and training activities for facility management, IS personnel, users, and others, as appropriate.
· Establish, document, and monitor the IS Security Program and related procedures for all facilities and ensures facility compliance with requirements for IS.
· Collects and reports unique local threats/vulnerabilities to IS.
· Respond to Government reporting requirements as directed.
· Ensure that periodic self-inspections of all facility's IS Programs are conducted as part of the overall facility self-inspection program and that corrective action is taken for all identified findings and vulnerabilities. Self-inspections are to ensure that the information system is operating as accredited and that accreditation conditions have not changed.