Public Key Infrastructure (PKI) Auditor & Trainer/...

Input is currently seeking a Public Key Infrastructure (PKI) Auditor & Trainer/Information Systems Security Officer (ISSO) for a potential contract to assist the Department of the Navy (DON) Public Key Infrastructure (KPI) and Key Management Infrastructure (KMI) Services.

Location(s): Andrews AFB, MD; Norfolk, VA; San Diego, CA; and Pearl Harbor, HI

Key Responsibilities:

• Maintain Naval Communications Security Material System (NCMS) PKI Registration Authority (RA) and Local RA (LRA) systems, perform operating system updates and validate machines are operating in accordance with Authority to Operate (ATO).
• Coordinate with Navy Marine Corps Intranet (NMCI) for machine and network troubleshooting.
• Maintain standard system security and disaster recovery plans and ensure implementation across the detachment.
• Maintain enterprise architecture Standard Operating Procedures (SOPs) and documentation to include illustrations network topology, system access requirements and processes for obtaining material and replacement hardware and software.
• Function as the NCMS PKI liaison to external LRA sites providing assistance and information pertaining to system access, network access, and peripheral devices. Liaison support also includes working with the government Information System Security Managers (ISSM), and Information System Security Officers (ISSO) to achieve and maintain ATO requirements.
• Perform Cybersecurity tasks to include validation of Assured Compliance Assessment System (ACAS) scans and patching, apply Security Technical Implementation Guides (STIGs).
• Properly secure and maintain PKI archives until moved to long term storage facility.
• Perform backups, validate scans, perform software updates as needed, and review workstation system logs.
• Complete compliance audits in accordance with Joint Force Head Quarters Department of Defense Information Network (JFHQ-DODIN) PKI Audit requirements, audits drafts, reports, track audit Plan of Action and Milestones (POA&M), schedule audits and perform Training and Assist Visits (TAV).
• Schedule, conduct and update PKI LRA, Trusted Agent (TA), System Administrator (SA), ISSO classroom training for newly appointed personnel through the Navy.

Qualifications:

• Understanding of Department of Defense (DoD) Common Access Card (CAC) characteristics and CAC/Smart card operation and procedures to include CAC middleware and hardware, with at least one year of experience.
• Knowledge of the principles, concepts, and methodology of Information Technology (IT) processing and a working knowledge of computer system architecture, performance characteristics and DoD and Service IT security policies with at least one year of experience.
• Familiar with DoD 8520.02, Public Key Infrastructure and Public Key Enabling.
• Skilled verbal and written communication techniques required to conduct meetings, and prepare reports and other correspondence.
• Must be able to work independently.
• Possess analytical processing skills.
• Possess DoD 8140 qualification of 461 Basic or 451 Intermediate upon first day of employment and continue to maintain extended training requirements as identified in SECNAV M-5239.2. Navy COOL - Navy Cyber Workforce (CWF) Program - CWF Model.
• JFHQ-DODIN PKI Auditor Qualified or served as Navy RA, LRA or PKI ISSO for 3 years.

Posted: Monday, April 14, 2025
Job # 6722

Caitlin Johnson
CEO (757) 374-6727