C&A

Man I have been chatty lately. So does anyone do any C&A work for the government? To me, it seems like a simple but in depth audit to a standard. Any other opinions?

Also has anyone heard of Force3?

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

shodown

Bl8ckr0uter wrote: »

Man I have been chatty lately. So does anyone do any C&A work for the government? To me, it seems like a simple but in depth audit to a standard. Any other opinions?

Also has anyone heard of Force3?

Im' not sure what you mean by C&A. As far as Force 3 they are a player here in the DC area. They are based out of MD. Protected by the minority and small business laws. I've heard good things about them. Check it out.

Bl8ckr0uter

shodown wrote: »

Im' not sure what you mean by C&A.

Sorry. Certification and Accreditation

shodown wrote: »

As far as Force 3 they are a player here in the DC area. They are based out of MD. Protected by the minority and small business laws. I've heard good things about them. Check it out.

http://www.techexams.net/forums/jobs-degrees/60646-resume-thread-2.html

That's good to hear. I had never heard of them.

I've been looking more into this and I don't think it will be as big of a deal as I thought.

powerfool

Bl8ckr0uter wrote: »

I've been looking more into this and I don't think it will be as big of a deal as I thought.

What I have found about most things is... they never are...

Bl8ckr0uter

powerfool wrote: »

What I have found about most things is... they never are...

Hey you do C&A stuff right?

Tell me what you all think:

Position: Security Analyst

Job Description: This position will manage the Security Program at the 88th Medical Group at Wright Patterson AFB, OH. This includes Information Assurance (IA) management, Firewall exception management and Certification and Accreditation (C&A) process management. This position will manage the COMPUSEC functions of the systems security office and will work hand-in-hand with the facility security manager to ensure that all security requirements for network access are completed. Serve as the liaison to the 88th Communications Group (88CG) on all IA issues and processes and will be responsible for providing written and oral feedback to 88MDSS/SGSI and 88CGIA on the status of all IA action items. Issue, track and provide notification of resolution of Notice to Airman (NOTAMs) and Time Compliance Network Orders (TCNOs) issued by Air Force Communications Emergency Response Team (AFCERT). Implement and monitor the policies and programs identified in DoDI 8510.01 to ensure that all operational clinical and administrative systems developed by the 88MDG are compliant. For all AF/SG managed medical systems the candidate will work with the Program Management Office (PMO) to obtain required C&A paperwork and provide feedback to the medical information systems flight chief on the compliance of those systems in use by 88MDG. Under the Firewall Management duties, the candidate will provide project management and operational support for the 88MDG firewall exception management program. The candidate will be responsible for submitting, tracking and renewing all firewall exception requests. This person will ensure that existing exceptions that need to be renewed do not expire, and shall validate all new and existing requests on an annual basis. Will be responsible for writing weekly report documentation and attending internal meetings.
Required Knowledge and Skills: Must be a US Citizen with an active Secret clearance and have a valid Security+ certification. Knowledge and familiarity with DoD 5200.2-R and AFI 33-202, Volume 1 as well as DoD Information Assurance directives. Strong Systems Security background and have excellent oral and written communication skills. Must have strong customer service skills, positive attitude and be a team player.

Bl8ckr0uter

I guess C&A work isn't that popular around here. I thought there was at least one person that work in this field but I can't remember the user. Oh well. I have been asked to add one thing and send it back to the recruiter. I am going to do that today. Apparently they are looking to move pretty quickly. Lets see how this all turns out.

ibcritn

2 Friends and Step dad worked at Force 3 they all hated it..... I would be cautious.

PM me if you want more info Bl8ckr0uter

CrapMasterZero

I do C&A work as a govie (well lots of other things too C&A is just part of it...). I am not sure there's much to say look up policies such as 8500.1 and 8500.2 and 8510.01 for DIACAP which is the DoD IA C&A Process which is what everyone follows. Now if you are doing C&A on intelligence systems that falls under the DoDIIS process (goes through DIA). There's also NSA Type 1 process which is for Type 1 crypto devices. For the job itself it's okay...as a govie I am more on the management side. As a contractor you will probably run Retina scans, do risk assessment, and go to meetings with other people. It's a good entry point into IA IMO, since IA in government is a lot of C&A. Good luck.

Forgot to add it's a good starting point to get a security clearance (yes...lots of C&A work requires TS/SCI)