The candiate shall provide cyber-security management support IAW AFI 17-130, Air Force Cyber Security Program Management, as defined in the individual TOs.
The contractor shall coordinate all actions required by USAFCENT cyber security-related CTOs including, but not limited to, vulnerability scanning and patch compliance.
USAFCENT Cyber Security oversees all vulnerability scans IAW SPIN-C. Cyber security tasks shall include :
a. Scanning : The contractor shall annotate remediation and mitigation actions on the vulnerability scan reports and return responses to USAFCENT Cyber Security to meet CTO compliance standards.
b. Patching : The contractor shall monitor and verify patch compliance using the approved technical solution (i.e., SCCM, Assured Compliance Assessment Solution Information Assurance Vulnerability Alert (IAVA) compliance dashboards to track patching progress IAW patch compliance CTO requirements.
Subtasks shall include :
1. Coordinate appropriate actions to ensure site systems are receiving patches and identify any patch installation issues.
2. Coordinate with local administrators to troubleshoot and elevate patching issues to NOSC engineers in a timely manner in order to meet patch compliance timelines.
If automated patches are unavailable, such as with PMO systems, the contractor shall coordinate with PMO offices for manual patching of these systems to meet compliance levels IAW the CTO and SPIN-C requirements.
3. Develop a POA&M when CTO compliance cannot be met by the compliance date.