End User Specialist

The Alaka’ina Foundation Family of Companies (FOCs) is looking for an End User Specialist II to support our government customer out of Maui, Hawai'i.

DESCRIPTION OF RESPONSIBILITIES:

• Furnish qualified on-site technicians to provide configuration, installation, monitoring, troubleshooting, repair, preventative, and corrective maintenance for all site operational network infrastructure to include all routers, switches, peripheral equipment, file/print servers, software, configuration, security and vulnerability management, and interfaces.
• Ensure continuous network access and to perform troubleshooting and recurring maintenance required to restore network service, improve security, reliability and performance.
• Maintain Uninterrupted Power Supply (UPS) capability to all critical network components to maintain system availability.
• Install, operate, and maintain vulnerability management hardware and software. Maintain, update and enforce AFIN network security policies to detect unauthorized network activity and maintain records of compliance.
• The operational network is currently comprised of network switches, routers, and encryption devices. The network devices include CISCO Switches, CISCO Routers, and Encryption Devices (Taclane KG-175D, KG-175F, and KG-175G). Also included are: Protected Distribution Systems (PDS), fiber optic cabling, and CAT 5E/6E cabling.
• The network management Automated Information System (AIS) includes SolarWinds, Splunk, Puppet, Cisco Identity Services Engineer (ISE), CiscoPrime, Terminal Access Controller Access Control System (TACACS), and GEM X Universal Remote Encryptor Manager.
• The VoIP systems are currently comprised of a cluster of Cisco Unified Call Manager (CUCM) servers, Cisco media gateway routers to interface analog phones/Secure Telephone Equipment (STE), and Cisco 7900-series, 7800-series, and 8800-series IP telephones.
• Configure, install, patch & secure all network devices for NIPRNet and SIPRNet and all applicable networks, under their responsibility, IAW the latest Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alerts (IAVAs), Time Compliance Network Orders (TCNOs), Time Compliance Technical Orders (TCTOs), Approved Products List (APL), and Local Security Guidelines as directed.
• Identify 90% of applicable vulnerabilities for all relevant STIG releases
• Configure 90% of network equipment to meet DISA STIG requirements.
• Monitor and repair all network hardware, software, and system utilities IAW technical manuals, vulnerability patching, and local maintenance procedures/policies.
• Perform network scanning to identify vulnerabilities, misconfigurations, and patch/re-configure as required to comply with DISA STIGs, IAVAs, TCNOs, APL, and Local Security Guidelines as directed.
• 100% compliant with DISA STIGs, IAVAs, TCNOs, APL, and Local Security Guidelines.
• Apply patches or configuration updates to servers identified in ACAS scans 100% of the time every month
• Respond, troubleshoot, and mitigate all connectivity, signal quality, degradation of services, and capacity concerns by utilizing the current Network Management System.
• Perform cryptographic rekeys in support of SIPRNet and JWICS operations.
• Respond to support calls, emails, tickets, and outages from 15 SPSS customers and the Communications Focal Point (CFP). The Contractor shall provide end-to-end troubleshooting for NIPRNet, SIPRNet, and JWICS LAN, MAN, WAN, PA, VoIP, and VoSIP systems.
• Shall meet response time: 100% for emergency; 95% for urgent; and 90% for routine tickets.
• Maintain hours of operation for CFP support as 0700-1630, Monday through Friday (Bldg. 550) and 0600-1500 (MSSC), excluding Federal Holidays.
• Perform all network maintenance identified in the local change management process, IAW the latest DISA STIGs, IAVAs, TCNOs, TCTOs, APL, and Local Security Guidelines as directed. In the case of equipment failures or unsolved technical problems, the Contractor may be asked to open a trouble ticket with the OEM, and/or request repair/replace authorizations using standard return procedures. In addition, the Contractor shall coordinate and submit any authorized service interruption requests to the CFP, Director of Operations, Mission Assurance section, and base Civil Engineering for preventative maintenance actions which would involve service interruption to 15 SPSS end users.
• Provide database management of the operational network to include network topology diagrams, configuration management databases, standardized configurations, backups, report creation, restore, and purging of files.
• Enter all database and maintenance changes in a log and retain for record.
• Manage the VoIP and VoSIP database at each location to include performing telephone upgrades, relocation, and removal.
• Perform installation support for NIPRNet, SIPRNet, and JWICS LAN, MAN, WAN, VoIP, or VoSIP requirements. The Contractor shall support all integration projects during installations and/or equipment enhancements.
• Support all inspections of the Contractor’s area of responsibility (i.e., Command Cyber Readiness Inspections (CCRIs), Inspector General (IG) visits and actively support Unit Self-Assessments Program and MICT checklist(s) assignment.)
• Furnish qualified on-site technicians to provide change management, software patching, administrative support, troubleshooting, and repair for 15SPSS communications systems encompassing the operational network.
• The communications systems currently encompassing the operational network are Window 7 workstations, Windows 10 workstations, Windows Server 2008, and Windows Server 2012, Red Hat Enterprise Linux (RHEL), Network Printers, Commercial Mobile Devices (CMD), Land Mobile Radios (LMR), and Video Teleconferencing Systems (VTCs).
• The communications systems management AIS include SCCM, Windows System Update Server (WSUS), Remote Desktop, and Remedy Ticketing System.
• Process and track ‘Network Change Requests’ through the SF approved AIS IAW Local Change Management Plan, Policies and Procedures.
• Establish standard desktop configurations for Local Registration Authority (LRA) desktops to perform NIPRNet and SIPRNet Common Access Card (CAC) token creation and issuance.
• Ensure proper documentation IAW applicable LRA roles and regulations (AFI 17-130).
• Complete electronic documentation of all Remedy and RT System Trouble Tickets to include Incident Management (INC) and Change Management Requests (CRQ) within 24 hours of notification.
• Validate and coordinate all change request actions between end users and Network Operations Security Center (NOSC).
• Review Cyber Network vulnerability management scans across the 15SPSS NIPRNet, SIPRNet, and JWICS encompassing all network devices.
• Apply patches or configuration updates to servers identified in ACAS scans 100% of the time every month.
• Perform client system software patching based off of approved AIS vulnerability scan results.
• Review system scans of security threats and perform corrective actions IAW TCNO guidance.
• Troubleshoot, and repair failed automated patching on client systems.
• Ensure LRA stations are being properly patched and maintained IAW applicable LRA roles and regulations (AFI 17-130).
• The Contractor shall apply DISA STIGs, IAVAs, TCNOs, TCTOs and Local Security Guidelines, while following local change management policies and procedures.
• Answer calls, e-mails, and tickets submitted by customers within 24 hours of notification.
• Remotely troubleshoot and resolve end user support tickets and work orders. If on-site repair is required, the Contractor shall coordinate and transfer tickets to Client Systems Technician for response and resolution.
• Ensure TEMPEST (formerly referred to as EMSEC) requirements are met in areas where classified information is processed. Appoint a primary and alternate TEMPEST Manager. Ensure the primary and alternate TEMPEST managers attend the required training at Keesler Air Force Base, MS.
• Submit TEMPEST assessments within the timelines required to the Certified Technical TEMPEST Authority (CTTA) as required by AFSSI and DoD guidance. Perform TEMPEST inspections after installation, but before operation of any new equipment. Correct all TEMPEST inspection deficiencies and request a re-inspection. Maintain the current certification memorandum provided by the CTTA.
• Conduct, at a minimum, an annual TEMPEST inspection of all areas where classified information is processed, to include signal lines that are used to handle or process classified information.
• Review all signal line and equipment installations and modifications in all areas that process classified information to ensure compliance with TEMPEST standards. Maintain current diagrams and drawings for all classified processing areas. Correct TEMPEST discrepancies as directed by the CTTA and notify the government PM or 15 SPSS designee of any TEMPEST vulnerabilities that may affect classified operations.
• After completed TEMPEST Inspection, review all installation, removal, or equipment modification schemes for potential vulnerabilities and notify the ISSM of vulnerabilities identified, if any. Implement required countermeasures and maintain as-applied or as-installed. Provide assistance for TEMPEST assessments, tests, inspections and certification activities.
• Maintain a comprehensive inventory of all equipment that processes or handles classified information in support of TEMPEST efforts.
• Maintain and administer an integrated data management system for collection, control, publishing and delivery of all program documents. The data management system shall include but not be limited to the following types of documents: Standardized Switch/Router Configurations, Network Topology Diagram, IP Address Management, Virtual LAN Management, TCNO Database, AFNetOps Compliance Tracker, and STIG Compliance Checklists. Provide the government with electronic access to this data, including access to printable reports. Documentation shall also include equipment listing with serial/model numbers and manufacturer specifications.

REQUIRED DEGREE/EDUCATION/CERTIFICATION:

• Associate degree or higher from an accredited college or university OR
• Offerings listed in DoD 8140 Training Repository OR
• CND or GICSP

REQUIRED CITIZENSHIP AND CLEARANCE:

• Must be a U.S. Citizen
• Must have TS clearance.

The Alaka`ina Foundation Family of Companies (FOCs) is a fast-growing government service provider. Employees enjoy competitive salaries. Eligible employees enjoy a 401K plan with company match; medical, dental, disability, and life insurance coverage; tuition reimbursement; paid time off; and 11 paid holidays.

We are an Equal Opportunity/Affirmative Action Employer. We are proud to state that we do not discriminate in employment decisions on the basis of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. If you are a person with a disability and you need an accommodation during the application process, please click here to request accommodation. We E-Verify all employees.

The Alaka`ina Foundation Family of Companies (FOCs) is comprised of industry-recognized government service firms designated as Native Hawaiian Organization (NHO)-owned and 8(a) certified businesses. The Family of Companies (FOCs) includes Ke`aki Technologies, Laulima Government Solutions, Kūpono Government Services, and Kāpili Services, Po`okela Solutions, Kīkaha Solutions, LLC, and Pololei Solutions, LLC. Alaka`ina Foundation activities principally benefit the youth of Hawaii through charitable efforts which includes providing innovative educational programs that combine leadership, science & technology, and environmental stewardship.