DDC IT Services, LLC (DDC-ITS) is SBA 8(a) SDB certified a company dedicated to solving IT business problems for three major markets: Federal, Commercial and Tribal. DDC-ITS is 100% owned by the Navajo Nation and has been in business since 2011. Our focus is on the ever-changing world of Cyber Security with respect to staffing for building and securing networks and enterprise applications. Another focus is to provide businesses with the Hardware & Software to meet their needs. We both sell and implement complete business solutions.
DDC IT Services will accommodate individuals with disabilities that need assistance applying for open positions.
DDC IT Services is an equal opportunity/affirmative action employer subject to the Navajo Preference in Employment Act.
Duties & responsibilities:
Functions required to be performed by Cybersecurity Engineers may include:
Providing CISSP-ISSEP certified personnel per DOD requirement
Coordinating with Compliance Team on user access for auditing (FISCAM)
Continuous Monitoring of defined controls as part of the Risk Management Framework continuous monitoring strategy
Coordinating with SCA and SCAR team to conduct security test planning and security testing of the related controls of all the releases
Active coordination with DISA, GCSS, and CIE to remediate DB vulnerabilities
Coordination with AFOTEC and annual red/blue team assessments and knowledgeable with network, application, and database architecture to remediate any findings from the assessments
Providing Cybersecurity personnel to participate in Release Management IPTs
Producing/Reviewing Cyber policy/directives and PMO documentation
Coordinating DEAMS Memo for Access and 2875s
Analyzing new vulnerabilities, opening Incident tickets appropriately, and carrying tickets through the Configuration Management process into cyber releases
Remediating vulnerabilities through POA&M or cyber releases, especially any item that’s deemed HIGH risk by SCA (typically 6 mo window)
Reporting open POA&M items to leadership monthly or as requested
Conducting annual FISMA and contingency testing
Having RMF knowledge and capable of going through the accreditation process
Familier with NIST, DoD, AD, and other regulations, polices, and instructions
The contractor shall ensure the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.
Contractor shall ensure personnel performing cybersecurity activities obtain, and remain current with, technical and/or management certifications to ensure compliance as directed by DoD 8140 and outlined in DoD 8570.01-M, Appendix 3, Table 2, and AFMAN 330285, as well as maintain a current SECRET security clearance.
Bachelor degree and two years’ experience. Risk Management Experience a plus.
Secret Security Clearance Required