Cybersecurity

Contract: Information Management and Technology (IM&T) Cybersecurity Services

The Defense Security Cooperation Agency (DSCA) provides financial and technical assistance, transfer of defense matériel, training and services to allies, and promotes military-to-military contacts. Security Cooperation (SC) is founded on a tradition of cooperation between the United States and other sovereign nations with similar values and interests in order to meet common defense goals.

MCSG:

• Performs application monitoring, system security configurations and auditing IT systems & networks for compliance with DoD Cybersecurity policies
• Administers the DSCA-managed Cybersecurity training, to include the annual Cyber Awareness Challenge training per DoDD 8500.1 and compliance with the requirements of DoDD 8570.1 and DoD 8570-M for the IA Workforce Improvement Program (WIP).
• Provides technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems.
• Designs, develops and implements security requirements within an organization’s business processes.
• Prepares documentation from information obtained from customer using accepted guidelines such as RMF (Risk Management Framework). Prepares test plans.
• Provides assessment and authorization (A&A) support in the development of security and contingency plans and conducts complex risk and vulnerability assessments.
• Analyzes policies and procedures against Federal laws and regulations and provides recommendations for closing gaps.
• Develops and completes system security plans and contingency plans.
• Recommends system enhancements to improve security deficiencies.
• Develops, tests and integrates computer and network security tools. Secures system configurations and installs security tools, scans systems in order to determine compliancy and report results and evaluates products and various aspects of system administration.
• Conducts security program audits and develops solutions to lessen identified risks.
• Develops strategies to comply with privacy, risk management, and e-authentication requirements.
• Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements.
• Evaluates, develops and enhances security requirements, policy and tools.
• Provides assistance in computer incident investigations.
• Performs vulnerability assessments including development of risk mitigation strategies.
• Communicates with the DSCA OCIO stakeholders to provide status and quality reports, to discuss changes in requirements, and to coordinate with activities outside the cybersecurity project.
• Documents and shares lessons learned with DSCA cybersecurity and stakeholder/staff to enable continuous improvement.