Job Description BAE Systems is looking to hire a Cyber Security Policy Analyst to support our customer in Korea. This individual will provide all Cybersecurity support services for the US Forces Korea (USFK) J6 and promulgate Cybersecurity policy that is adhered to by all USFK components.
A successful candidate will have experience with the local IA/Cybersecurity and Security policies in the form of Letters of Instruction (LOI) for government review and CUSTOMER signature to reflect local IA/Cybersecurity and security requirements to enhance understanding of current regulatory guidance and best business practices.
The Cyber Security Policy Professional will maintain awareness of all changes to pertinent Federal, DoD, CJCSM, and other security related directives, instructions and regulations and recommend to the government leads changes to existing LOIs or the establishment of new LOIs as appropriate. The Cyber Security Policy Professional will develop and/or maintain SOPs that address current processes and procedures relating to IA, Computer Network Defense, Physical Security, Personnel Security, and Information Security (INFOSEC)
The candidate will additionally research, develop and deliver SOPs as requested by the customer. SOPs shall be supported by regulatory guidance and provide accurate step-by-step procedures to include screen shots of sufficient detail so that a person of reasonable skill (and who has sufficient access) can conceivably complete the process described by the SOP from beginning to end with little or no familiarity.
The candidate will track and acknowledged all IAVM notices (e.g. alerts, bulletins, and tech tips). The candidate shall track the IA/Cybersecurity training and certification of all USFK Command & Staff employees IAW public law and DoD instructions. This will include requirements for new user training and annual refresher training. The contractor is encouraged to make use of existing training resources in developing training plans.
Responsibilities:
- Maintain USFK J6 policies and USFK Instructions, along with CX-K related Exception-to-Policy (ETP) requests as directed by government leadership. This includes drafting of required documentations, routing for stakeholder input, revising as needed, and obtaining the J6 Directors approval decision (as the USFK/CFC/UNC J6 and CX-K Authorizing Official) when complete.
- Track, acknowledge, and disseminate all IAVM notices in the form of tech tips, CTOs, TASKORDs, RNEC IAVM reports to the appropriate communities for mitigation and/or situational awareness. At times, coordinate responses from USACISA-P regarding CX-K network related notices and report status to INDOPACOM as USFK update.
- Track and ensure all IA/Cybersecurity training and certification requirements for CX-K and AUDS accounts of all USFK Command & Staff personnel are met IAW public law and DoD Instructions.
- Oversee processing of routine administrative paperwork for all personnel in-processing and/or out-processing within the J632 branch to include account requests, company required documents, SSO de-brief, etc.
- Provide overwatch for Cross Domain Solution (CDS) requirements as the USFK liaison to ACDMO to ensure Raise-The-Bar compliance.
- Facilitate workshops and training sessions to educate the Republic of Korea (ROK) Joint Chief of Staff, Ministry of Defense, and Defense Counterintelligence Command on United States Cybersecurity related policies.
- Act as main POC for any RFI regarding Cybersecurity related policy/guidance within the J6.
- Engage as necessary with the RNEC and USFK IMOs to ensure that the USFK ISSM is tracking all new requirements and areas of concern that require USFK ISSM attention and/or situational awareness.
