FOR MORE INFORMATION
(717) 267-9900, DSN 570
Responsible for enhancing security and availability of the Global Information Grid by ensuring adherence to Information Assurance and NetOps Policies including development of guides and procedures; training of DoD, DISA, and Combatant Commands; implementation of Enterprise IA solutions; formal certification reviews; vulnerability management tools and metrics; NetOps training and reviews; CNDSP, NetDefense, Incident Response; and Enhanced Compliance Validation inspections.
Execute Enterprise Information Assurance (IA) and Transform DISA Net-Defense Capabilities.
FOCUS AREA DESCRIPTION
The DISA Enterprise Infrastructure is global and joint. Only a global and joint Information Assurance (IA) approach by DISA and our partners can give our customers the mission dependability that modern warfighting demands in the face of cyber warfare. DISA Field Security Operations (FSO) will enhance and ensure adherence to IA and Net-Defense policies of the Enterprise Infrastructure by:
- Operationalizing Enterprise IA solutions to include CNDSP, Net Defense, Incident Response, DISA Red Team, Command Cyber Readiness Inspections, and General Service (GENSER) Tier 2 CNDSP evaluations
- Conducting and executing DISA Cyber Risk Management and Cyber Defense (Mission Assurance)
- Evolving the Enterprise Infrastructure to better support a joint IA model that has common enterprise-scale perimeter defenses and will support a broad range of sharing policies from completely unclassified to tightly-held within a classified community
- Developing guides, procedures, and training for and with DoD, DISA, and COCOMs on NetOps and IA to enhance the professionalism of the workforce and ensure adherence to IA and NetOps policies
- Developing, performing, analyzing, and providing IA metrics, formal certification reviews, and improvement recommendations
- Influencing the design, assurance, and operation of the Enterprise Infrastructure:
- In zones that exhibit the appropriate separation and sharing policies
- To avoid problems of anonymity that inhibit sharing and provide improved individual and organizational mobility; accountability; and common approaches to identifying people, services, and other entities on the networks--combined with innovative approaches to access control
- To ensure the Enterprise Infrastructure is designed and operated to be particularly resistant to cyber attack and infrastructure failure
- Develop, Implement and Maintain IA Security Guidance and Processes.
- Conduct Full Scope Security Reviews and Provide Assistance.
- Provide Certification and Accreditation Support and Perform as the Single
- Certifying Authority for DISA.
- Develop and Implement a NetOps Evaluation and Certification Program.
- Perform Computer Network Defense Service Provider assessments and make Certification recommendations.
- Implement Security Architecture and Information Assurance Tools.
- Develop and distribute IA Training Products and Provide IA Training.
- Develop, Implement and Maintain Vulnerability Management Systems
- Provide onsite incident response and recovery support (IRRT) for CNDSP subscribers.
- Perform in-depth security architecture analysis testing (SAAT).