As an Information Assurance Engineer-Senior, CAC/PKI RA support, you will provide Registration Authority (RA) services in support of the U.S. Army Network Enterprise Technology Command (NETCOM).Â You will provide technical Cryptographic Modernization, Key Management Infrastructure (KMI), Common Access Card (CAC), and Public Key Infrastructure (PKI) support in the implementation of PKI daily operations in support of Classified (SIPRNet) and Unclassified (NIPRNet) Networks being assigned to Second Army and delegated to NETCOM. This includes PKI support and services to support operations requirements for Army and Army supported organizations to include the Combatant Commands (COCOMs). This is a fully-funded position located at Fort Belvoir, Virginia. In assuming this position, you will be a critical contributor to meeting NCI's mission: To deliver innovative, cost-effective solutions and services that enable our customers to rapidly adapt to dynamic environments.
MAJOR JOB ACTIVITIES: Please list by order of priority and, if possible, provide the percentage of time spent on the activity all should equal 100%.
- Registration Authority (RA) - An RA is an official recognized by the Certificate Authority to ensure that the subscribers appropriately present the necessary credentials for registration into the PKI. In the DoD PKI,
- RAs enroll devices into the PKI, revoke user certificates and authorize Local Registration Authorities to enroll individual subscribers.
- Support revocation and suspension of a certificate on Unclassified and/or Classified networks.
- Support restoration of suspended certificates.
- Support registration and/or termination of LRAs.
- Add, modify and delete directory entries.
- Perform third party key recovery.
- Approve issuance of certificates to network NPEs.
- Produce and deliver an Issuance report.
- Support retention of all associated documentation for a period of 10 years for DoD and 10 years 6 months for NSS documents. The retention can be in an electronic format, i.e. scanned image (pdf). If stored in digital format, the originals may be disposed of appropriately. All retention and disposal will be in accordance with CNSS Instruction No. 1300, December 2014
- Support duties as assigned through NSS/PKI RPS and DoD/PKI CPS.
- Provide support to LRA, TA, and ETA in accordance with DoD PKI RA-LRA CPS and RPS to ensure
- RA Operations are aligned with DISA Audit requirements.
- Monitor the RA Operations in accordance with DoD PKI RA-LRA CPS and RPS to ensure RA
- Operations are aligned with DISA Audit requirements.
- Support the Army CIO/G6 Cyber Security Directorate and the NETCOM G3/5/7 in addressing audit findings to include migration and correction of findings in accordance with DoD PKI CPS and RPS.Â Develop and maintain an OJT package.
MATERIAL & EQUIPMENT DIRECTLY USED: Â
N/A â Office environment.
- Sitting for long periods
- Ambulate throughout an office
- Travel by land or air transportation 10%
- Work shift work
Education/Certifications: One year related experience may be substituted for one year of education, if degree is required.
- Current/Active Secret Security Clearance and have NOT knowingly been previously denied a security clearance or had a security clearance revoked.
- Bachelors degree 4 - 9 years experience.
- IT Level III (Secret clearance) and NACLC in accordance with AR 25-2.
- Current and maintain IAM I certified as specified in DOD 8570.01-M and BBP 05-PR-M-0002 (Security CE (CompTIA), or CAP (ISC)2, or GSLC (GIAC) IA Certifications). Required at the start of work performance.
- Be appointed in writing by the U.S. Army CIO/G6 official designated in the DoD PKI RA-LRA Certificate Practice Statement.
- Have successfully completed a RA/LRA training program conducted by DISA and CIO/G6. Can be accomplished after start employment
- Must complete all required IA awareness training at the start of work performance.
- NIPR/SIPR Network Connectivity experience.
- SIPR Token issuance/management and problem resolution experience.
- Windows 7 installation, maintenance and troubleshooting skills.
- CompTia A certification.
- CISSP certification.
Valid US Passport
Giac Security Leadership Certification
Global Information Assurance Certification
Certified Information Systems Security Professional
Public Key Infrastructure