• Produce all required DOD compliance documentation for RMF, Audit Response and Remediation, Cyber Task Orders, Required Scorecards, Privacy documentation, and other compliance requirements as detailed in the DSCA CYBR Service Catalog. • Draft and coordinate cybersecurity-related documentation to meet required standards, controls, and metrics. • Support all steps of the RMF process (Steps 0-6) required to gain and maintain DOD Information Network (DODIN) and agency commercial network authority to operate. • Assist in categorization, control selection, implementation, and tailoring support, as well as support of assessments from the ISSO role. • Prepare and validate controls in eMASS packages for assessment and review. • Ensure that control requirements are well-defined and that necessary documentation and evidence are gathered for validation and assessment. • Work in the DOD GRC tool Enterprise Mission Assurance Support Service (eMASS) to support control validation. • Conduct continuous monitoring of information systems to detect vulnerabilities, threats, and security incidents. • Utilize security tools and technologies to perform regular scans, assessments, and analysis of system vulnerabilities. • Maintain and update continuous monitoring processes and procedures to ensure they are effective and aligned with organizational requirements. • Assist in the configuration and maintenance of security tools and technologies provided by the CSSP. • Assist in the detection, analysis, and response to cybersecurity incidents. • Participate in incident response activities, including triage, containment, eradication, and recovery. • Document and report on incident response activities, providing detailed analysis and recommendations for improvement. • Provide support to the Watch Officer in monitoring and managing cybersecurity events and incidents. • Maintain situational awareness of the organization's security posture and emerging threats. • Assist with the performance of daily and ad hoc/on-demand vulnerability scans, monthly audit scans, and monthly discovery scans. • Provide weekly vulnerability compliance reporting to ISSMs. • Review and adjust assets, subnets, credentials, and policies to properly manage C5ISR provided Assured Compliance Assessment Solution (ACAS) solutions. • Track and ensure configuration compliance of Enterprise Security Services (ESS) Suite with RMF, ATO, and Inspection requirements. • Assist with the maintenance of completed security waiver forms in coordination with EADSD and ISSM (PMO). • Work with TSD to implement effective scanning, COAMS System Registration, and Continuous Monitoring Scoring (CMRS) Tagging. • Maintain and update Ports, Protocols, and Services Management (PPSM) records, including emergency and exception requests. • Support the maintenance and accuracy of DoD Allow List entries. • Maintain accurate and up-to-date documentation of all RMF, IT, and FISCAM controls validation activities. • Prepare and submit regular reports on the status of security controls, RMF activities, and DevSecOps pipeline security. • Provide detailed documentation and evidence to support security assessments and audits. • Support the maintenance and configuration needed to maintain accurate ingestion of logs from all assets. • Provide summaries of events/incidents, including time of event/incident, anomalous activity identified, asset names and IPs, affected users, and POC for outreach/additional actions. • Complete Cybersecurity Incident Reporting Forms and assist with the detection and analysis of cybersecurity events and incidents. • Support accurate IR POC list, accurate hardware/software and IP inventory, and accurate summary of event/incident. • Document efforts involved in mitigating cybersecurity-related events/incidents that occur within the enterprise. • Support the generation of performance monitoring reports to monitor asset availability. • Support the generation of system health and security posture reports for system owners and ISSMs. • Support accurate hardware and software inventory, accurate ingestion of logs from all assets, and accurate system performance and security posture baselines. • Conduct specified areas of focus/detail for trend analysis. • Support migration information provided by affected system ISSM and report vulnerabilities to appropriate system ISSMs/POCs. • Assist with the reporting to outside agencies, including JFHQ, battle stations, external leadership, and other DOD Agencies. • Support the correlated agency-level POA&Ms with the coordination of POA&Ms from DSCA to outside entities. • Help complete the Cybersecurity Incident Reporting Form, including additional inputs such as personnel logs, system logs, event logs, and accurate software and hardware inventory list.