Broadleaf, Inc has been featured as one of Inc. Magazine's "Top 5000 fastest growing companies". Broadleaf, Inc has established itself as #20 (2021) D.C. Metro, from #146 (2020), #733 (2019), and #1730 (2018). Broadleaf, Inc is also ranked #393 (2021) in the U.S. by Inc.com. www.inc.com/profile/broadleaf
Founded in 2009 and headquartered in Virginia, Broadleaf is a Native Hawaiian Organization (NHO) owned small business. We are a mature 8(a) firm who has achieved Capability Maturity Model Integration (CMMI) Level 3 for Development, CMMI Level 3 for Services, and ISO 9001, ISO 27001, and ISO 14001 certifications. These quality improvement programs directly influence our management and technical solutions. Unlike other small businesses, our certifications prove that we have mature processes and procedures which will be used to deliver a high-quality service to our clients. What is an NHO? Native Hawaiian Organization or NHO is a community service organization serving Native Hawaiians in the State of Hawaii which is a not-for-profit organization chartered by the State of Hawaii, is controlled by Native Hawaiians, and whose business activities will principally benefit such Native Hawaiians.
Our NHO’s Mission NHO is a non-profit organization designed to benefit the Hawaii people through the development and advocacy of Science, Technology, Engineering and Math (STEM) education and by promoting Hawaii’s role as America’s Gateway to the Pacific. Our NHO supports this missions through an agenda that facilitates community resilience, development, economic prosperity, and strengthens Hawaii’s relationships with its Asia-Pacific neighbors.
JOB DESCRIPTION:
Cyber Assurance (CA) team which conducts Risk Management Framework efforts supporting Enterprise level tasks (Tier II) in the roles of Cyber Analyst and Cyber Validators. In addition, the CA team conducts A&A validation and security testing devices before allowing the hardware to be added to the network. The CA team may be required to travel at least 10 times a year for annual security assessments and continuous monitoring efforts. Cybersecurity support includes systems which comprise the ESS, the Agency’s administrative networks- (Unclassified but sensitive Data Network (UDN), Classified Data Network (CDN), and JWICS enclaves), GIG waivered networks and all standalone systems (non-networked computers).
BASIC QUALIFICATIONS:
At least three (3) Years System Level Cybersecurity Experience in the following areas:
Supporting A&A validation, RMF assurance, POA&Ms, and eMASS submissions
Develop, update, and provide for Government review, all DoD and other federal agency-specific documentation specified in Government A&A Framework and DoDI 8510.01, as applicable.
Conduct A&A related security test and evaluations using government mandated tools and test procedures.
Analyze IT products against foreign ownership, known vulnerability databases, and government approved products list(s).
Scan IT products using Government approved scanning tools to identify potential risk to the Government production network.
Develop and maintain standard operating procedures for IT product analysis.
Provide Cyber IT analysis results and test reports for government approval.
Knowledge of DISA Security Technical Information Guides, RMF, NIST SP 800-53, Vulnerability Tools, and other applicable DoD Cybersecurity policies
Possess strong writing skills; experience preparing enterprise-wide SOPs, reports for high level officials.
Experience developing cybersecurity documentation, Plan of Actions & Milestones (POAM), enterprise mission assurance support service (eMASS) submissions, and system security engineering efforts.
Work experience with Cloud Based Internet Isolation (CBII), SPLUNK (Lvl 2), ForeScout and EnCase software
EDUCATION REQUIREMENTS:
Associates or Bachelor’s Degree, or equivalent experience in Cybersecurity, and/or Information Systems Management, Information Technology
CERTIFICATION(S):
8570 IAM II or IAT Level II required (e.g., CCNA Security, CySA+, GICSP, Securtiy+ CE, CND or SSCP)
Tanium Certified Administrator
CLEARANCE LEVEL:
Active TS/SCI Clearance
or Active Secret with the ability to obtain TS/SCI REQUIRED
WORK ENVIRONMENT AND PHYSICAL DEMANDS:
This is a partial Telework position.
This position is subject to travel of 15-35%
If alternate worksite is other than DCSA facilities or corporate office space, must have the reliable ability to communicate over voice (cell phone preferred) and stable, capable internet connection.
Must speak English well enough to communicate complex technical ideas to a diverse customer both verbally and in written form.
BASIC QUALIFICATIONS:
At least three (3) Years System Level Cybersecurity Experience in the following areas:
Supporting A&A validation, RMF assurance, POA&Ms, and eMASS submissions
Develop, update, and provide for Government review, all DoD and other federal agency-specific documentation specified in Government A&A Framework and DoDI 8510.01, as applicable.
Conduct A&A related security test and evaluations using government mandated tools and test procedures.
Analyze IT products against foreign ownership, known vulnerability databases, and government approved products list(s).
Scan IT products using Government approved scanning tools to identify potential risk to the Government production network.
Develop and maintain standard operating procedures for IT product analysis.
Provide Cyber IT analysis results and test reports for government approval.
Knowledge of DISA Security Technical Information Guides, RMF, NIST SP 800-53, Vulnerability Tools, and other applicable DoD Cybersecurity policies
Possess strong writing skills; experience preparing enterprise-wide SOPs, reports for high level officials.
Experience developing cybersecurity documentation, Plan of Actions & Milestones (POAM), enterprise mission assurance support service (eMASS) submissions, and system security engineering efforts.
Work experience with Cloud Based Internet Isolation (CBII), SPLUNK (Lvl 2), ForeScout and EnCase software
EDUCATION REQUIREMENTS:
Associates or Bachelor’s Degree, or equivalent experience in Cybersecurity, and/or Information Systems Management, Information Technology
CERTIFICATION(S):
8570 IAM II or IAT Level II required (e.g., CCNA Security, CySA+, GICSP, Securtiy+ CE, CND or SSCP)
Tanium Certified Administrator
CLEARANCE LEVEL:
Active TS/SCI Clearance
or Active Secret with the ability to obtain TS/SCI REQUIRED