Seeking an Systems Analyst to support the IA Branch of the USAF Surgeon General office in the engineering aspects of Certification and Accreditation (C&A) matters, development and analysis of policy and procedures, security plans, security training and awareness, security requirements and specifications, risk assessments, tests and evaluations, technology evaluation and integration (PKI, VPN, firewalls, Intrusion Detection Systems, etc), IA web site information , research and evaluation on IA matters, incident response and reporting AF Medical Systems and Military Health Systems (MHS) DoD Information Assurance Certification & Accreditation Process/Command, Control, Communications, and Computer Intelligence Support Plan (DIACAP/C4ISP) security documentation, technical papers, white papers, military staff package preparation, evaluation of applicable standards of the Joint Commission on Accreditation of Healthcare Organizations (JCAHO), HIPAA, GISRA, and other related tasks.

Reviews, analvzes, and evaluates business systems and user needs. Formulates systems to parallel overall business strategies. Writes detailed description of user needs, program functions, and steps required to develop or modify computer programs. Relies on extensive experience and judgment to plan and accomplish goals. Performs a variety of tasks. May provide consultation on complex projects and is considered to be the top level contributor/specialist. A wide degree of creativity and latitude is expected.

• Conduct/Analyze Risk Assessments (Systems, Networks, Infrastructure, etc) with minimal oversight.
• Conduct/Analyze Tests and Evaluations.
• Conduct standard tests, using tools such as AppDetective.
• Expected to run the most up to date version of the Gold Disk to check for compliance with DISA STIGs.
• Familiarity with Retina Network Security Scanner
• Use of WebInspect is yet another tool required in this work.
• Determine that the system security features perform as specified
• Identify discrepancies in component security performance
• Establish system security benchmarks
• Evaluate system security documentation
• Document results on which to base a recommendation of ready or not for secure operational implementation
• Determine that unchanged security functions still perform as specified
• Determine improvements or degradation in component security performance (compared with previous tests)
• Successful candidate expected to be capable of reviewing documents, running software packages similar to those discussed earlier, and observation.
• Assist in the development and review of DIACAP packages
• Provide Technical and Managerial Support Services to assist the IA Branch Chief in the development of security policies and procedures, security plans, conducting security awareness training, and security requirements and specifications.
• Provide state of the art security related technology and integration (PKI, VPN, firewalls, IDS, etc), evaluations, and analyses.
• Research and evaluate general IA matters.
• Document Review/Analysis
• Policy Reviews/analyses and Guidance
• Develop and/or Analyze Accreditation Reports
• Prepare and Deliver Briefings
• Define problems, determine data availability, satisfy report requirements, and address system design issues.
• Develop plans for IT systems from project inception to conclusion.
• Analyze the problem and the information to be processed, define the problem and develop system requirements and program specifications from which programmers prepare detailed flowcharts, programs, and tests.
• Analyze alternate means of deriving input data to select the most accurate, feasible and economical methods.
• Define input and output file specifications, including file organization.
• Define controls, conversion procedures and system implementation plans including user training and orientation.
• Closely coordinate with programmers to ensure proper implementation of program and system specifications.
• In conjunction with functional users, develop alternative system solutions.