Alternate Information Systems Security Officer (AISSO)

U.S. DEPARTMENT OF STATEBUREAU OF INTERNATIONAL NARCOTICS AND LAW ENFORCEMENT AFFAIRS (INL)     You have received this "Personal Services Contractor” (PSC) solicitation through the Department of State (DOS) Internet site. If you have any questions regarding this PSC, you may contact the DOS Official named in this solicitation.  The Department is not responsible for any data and/or text not received when retrieving this document electronically.  Amendments to solicitation documents generally contain information critical to the submission of an application.Position Title: Alternate Information Systems Security Officer (AISSO) Location: Washington, DCSalary Level:    GS-14 - $122,530 - $159,286Period of performance: The period of performance for this contract is twelve (12) months from the date of award with four (4) optional one-year extensions.Issuance Date: May 7, 2021Closing date:    June 4, 2021 - DEADLINE EXTENDEDClosing Time: 3:00 PM ETSolicitation Number:     PSC-21-053-INLJob

description:  See belowDear Prospective Offerors:The Department of State is seeking offers from qualified U.S. citizens to provide personal services for the subject position under a personal services contract, as described in this solicitation. Submittals must be in accordance with the attached information at the place and time specified. Applicants interested in applying for this position MUST submit the following materials:1.    Form SF 171 (Completed and signed)2.    Complete resume. In order to fully evaluate your offer your resume must include:a.    Paid a non-paid experience, job title, location(s), dates held (month/year), and hours worked per week for each position. Dates (month/year) and locations for any overseas experience must also be detailed. Any experience that does not include dates (month/year), locations, and hours per week will not be counted towards meeting the solicitation requirements. b.    Specific duties performed that fully detail the level and complexity of the work.c.    Names and contact information (phone and email) of your current and/or previous supervisor(s). d.    Education and any other qualifications including job-related training courses, job-related skills, or job-related honors, awards or accomplishments. e.    U.S. CitizenshipNote: Resume must contain explicit information to make a valid determination that the candidate meets the experience requirements as stated in this solicitation. This information needs to be clearly identified in the resume. Failure to provide explicit information to determine qualifications for the position will result in loss of full consideration. 3.    Evaluation Factor document specifically addressing:  Each of the Evaluation Factors shown in the solicitation below. Responses must be limited to 500 words per Evaluation Factor. Any additional words above the limit will neither be read nor scored. Note: The Evaluation Factors are worth 70 out of 100 points. Offerors are required to address each of the Evaluation Factors in a separate document describing specifically and accurately what experience, training, education and/or awards they have receive that are relevant to each Factor.  4.    Professional References:  Three (3) names and contact information (phone and email) of current and/or previous supervisors to serve as professional references.  Additional documents submitted will not be accepted. Incomplete or late offers will not be considered. Complete applications must be emailed to:    Dominique Chittum    U.S. Department of State    INL/EX/GAPP    ChittumDA@state.govSincerely,Katelynn BarhamContracting OfficerU.S. Department of StateSUBJECTA solicitation for a Personal Services Contractor (PSC), Department of State (DOS), Bureau for International Narcotics and Law Enforcement Affairs (INL).The United States Government (USG), represented by the DOS, seeks applications from US citizens interested in providing PSC services as described in this solicitation. PRE-AWARD ETHICAL RESPONSIBILITIES OF PSC (JUN 2011)This solicitation may result in the award of one or more personal services contracts as defined in FAR 2.101.  Prior to contract award, all offerors or quotes must advise the cognizant Contracting Officer if they have a personal conflict of interest, such as a financial conflict, that would prevent them from either meeting the requirements of the clause entitled, “Post-Award Ethical Responsibilities of Personal Services Contractors,” or otherwise objectively performing their contractual duties upon contract award.  HOW TO APPLYOfferors proposal shall be in accordance with the requirements stated in this solicitation at the place and time specified.  A proposal will be determined non-responsive and ineligible for consideration unless all required documents and information are included in the submission.  Offerors shall ensure their resume demonstrates their possession of the minimum qualifications outlined in this Solicitation, as well as their ability to fulfill all required duties.  The Government is not responsible for any costs incurred by the offeror during the solicitation process.    NOTE REGARDING GOVERNMENT OBLIGATIONS FOR THIS SOLICITATION This solicitation in no way obligates the Department of State to award a PSC contract, nor does it commit the Department of State to pay any cost incurred in the preparation and submission of the application.Proposals must include the following and not exceed twenty (20) pages (additional pages will not be accepted or reviewed): 1.    Form SF 171 (Completed and signed)2.    Resume  3.    Evaluation Factor Responses4.    Three (3) names and contact information (phone and email) of current and/or previous supervisors to serve as professional references.  Note: Your resume should contain explicit information to make a valid determination that you fully meet the experience requirements as stated in this solicitation. This information should be clearly identified in your resume. Failure to provide explicit information to determine your qualifications for the position will result in loss of full consideration. Additional documents submitted beyond the requirements will not be accepted or reviewed. *** ONE PDF ATTACHMENT IS HIGHLY RECOMMENDEDVETERAN’S PREFERENCEVeteran’s preference is not applicable to this position therefore do not submit DD-214.ALL QUALIFIED APPLICANTS WILL BE CONSIDERED REGARDLESS OF AGE, RACE, COLOR, SEX, CREED, NATIONAL ORIGIN, LAWFUL POLITICAL AFFILIATION, NONDISQUALIFYING DISABILITY, MARITAL STATUS, SEXUAL ORIENTATION, AFFILIATION WITH AN EMPLOYEE ORGANIZATION, OR OTHER NON-MERIT FACTOR.Submit proposal via e-mail to the attention of:INL/Dominique ChittumE-mail: ChittumDA@state.govDirect questions regarding this solicitation to:INL/Dominique ChittumE-mail: ChittumDA@state.govINL will not accept proposals beyond the closing time/date; unless it can be determined DOS mishandled the proposal.  GENERAL STATEMENT OF THE PURPOSE OF THIS CONTRACTMission of the U.S. Department of State: The U.S. Department of State is the lead institution for the conduct of American diplomacy and the Secretary of state is the President’s principal foreign policy advisor. The Department of State’s mission is to advance U.S. national security interests, fight terrorism, protect U.S. interests abroad, and implement foreign policy initiatives that build a freer, prosperous and secure world. Mission of the Bureau of International Narcotics and Law Enforcement Affairs (INL): INL is under the Under Secretary for Democracy and Human Rights (J) and works to keep Americans safe at home by countering international crime, illegal drugs, and instability abroad. INL helps countries deliver justice and fairness by strengthening their police, courts, and corrections systems. These efforts reduce the amount of crime and illegal drugs reaching U.S. shores. The purpose of this Personal Services Contract will be to provide an Alternate Information Systems Security Officer (AISSO) for Mexico City INL Offices and other world-wide posts as assigned by the EX/IM Information Management Director. This position will serve as the focal point for ensuring the implementation, maintenance, and updating of adequate system security in order to prevent, detect, and recover from security breaches.  It will also fulfill duties of an IT specialist for the regional INL CLOUD environment as needed.  This position reports directly to the INL/EX/IM Information Management Director and the INL Bureau’s Information System Security Officer (ISSO).DUTIES AND RESPONSIBILITIES    Under the direct supervision of the INL Bureau’s ISSO or his/her designee, the AISSO will perform the following duties:•    Manages the development of long-range plans for IT security of systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT system vulnerabilities. The AISSO, in conjunction with the system manager must provide for the operational availability of services according to the criticality of those services.  They will maintain contingency and disaster recovery plans to ensure level of service availability and integrity•    Provides authoritative guidance related to information system security planning and the coordination and development of specifications to meet security requirements.•     Develops and reviews systems security procedures and guidance for systems processing multiple applications that require differing and conflicting security controls, and that are typically accessed by a large distributed user community. •    Interprets IT security policy and implements corresponding security controls covering the management, operational, and technical aspects of a system’s boundary. This includes physical security, application and data security, system software security, contingency planning, compliance with personnel clearance procedures, security education and training, and contractor and TPCs (Third Party Nationals) security.•    Plans and manages complex IT projects involving interrelated disciplines and multiple stages of the systems development lifecycle. For example, manages IT projects for the office, and aligns the IT infrastructure with systems security and agency business requirements. Integrates systems security to the analysis, software development, database administration, and customer support into the project plan.•    Ensures necessary IT systems security controls are in place and operating as intended.•    Advises the INL/ISSO of risks in systems. •    Responds to any security incident report from the systems managers at any of the posts under responsibility. •    Assists in completing and maintaining appropriate security documentation including systems security plans and emergency action plans.•    Reviews system security audit trails and system security documentation to ensure security measures are implemented effectively and evaluating known vulnerabilities to ascertain if additional safeguards are needed.•    Ensures systems are patched, and security hardened.•    Identifies, reports and responds to security incidents and review security alerts on vulnerabilities.•    Ensures users have the required background investigations, the required authorization and need-to-know, and are familiar with internal security practices before access is granted to systems.•    Reviews the physical environment for INL regional offices networks to ensure that they comply with DS systems guidelines.•    Ensures that accounts for new users in the network/CLOUD are created according to roles and permissions granted.•    Provides support for applications in different posts as required by INL/EX/IM.•    Performs other duties directly related to this Statement of Work in the INL network/CLOUD as requested by the INL/ISSO in Washington DC or the INL/EX/IM Information Management Director.•    When required, perform the role of Duty Officer.•    Perform services that fall within the general scope of work and overall INL mission at physical locations other than Washington INL headquarters, including within other INL offices, bureaus or other USG agencies for a period not to exceed six (6) months.  TRAININGS & DISTANCE LEARNING COURSES•    Completes the mandatory ISSO Training Course (IA110 - ISSO Cybersecurity Foundations) within 30 days from the beginning of contract.•    Completes Microsoft Azure Administration Training within 60 days from the beginning of contract.•    Completes the mandatory Foreign Affairs Counter-Threat (FACT) Course (CT650) prior to deployment to Post for more than 30 days.  •    Consultations with the INL Resource Management will be required.PLACE OF PERFORMANCE & TRAVEL REQUIREMENTSWashington, DC.  Travel will be required to INL offices overseas for regular security reviews or when there is a security incident that requires his/her physical presence.RELATIONSHIPThe AISSO reports directly to the INL/EX/IM Information Management Director and will serve under the day-to-day direction of the INL Program ISSO in Washington DC.  The INL/EX/IM Information Management Director will provide yearly performance reviews to the INL/EX/GAPP Contracting Officer in Washington, D.C. to contribute to the incumbent’s official yearly review.  INL Management Officers from AISSO serviced posts will provide performance input to the INL/EX/IM Information Management Director.COMPLEXITYThis position involves planning, organizing and performing analysis of systems security compliance to ensure that they adhere with Diplomatic Security’s Systems Security requirements. It also requires analysis of the requirements of systems to support INL applications.SCOPE AND EFFECTIVENESSThe PSC performs broad and extensive assignments related to complex information technology activities.PERIOD OF PERFORMANCEThe period of performance for this contract is twelve (12) months from the date of award with four (4) optional one-year extensions.MINIMUM QUALIFICATIONS1.    U.S. citizenship with the ability to obtain and maintain Department of State Secret level security and Medical clearances. Department of State Ethics clearance (if applicable). (Security clearance upgrade to TS level may be required).2.    Bachelors degree in Computer Science or equivalent.3.    A minimum of ten (10) years of experience working in Computer Systems administration.4.    A minimum of five (5) years of experience in a Diplomatic Security systems regulated environment.5.    A minimum of three (3) years of work experience performing IT research and analysis of regulatory material and its interpretation and application in the DOS systems environment.6.    Demonstrated knowledge of cybersecurity principles, methods, and tools.7.    Ability to develop IT policies and guidelines. Demonstrated experience providing guidance to users regarding systems security.8.    Demonstrated ability to apply project management methodologies and techniques to manage complex IT projects.9.    Demonstrated public speaking experience in groups of at least five participants.EVALUATION FACTORS(Used to determine the competitive ranking of qualified offerors in comparison to other offerors.) Offerors should cite specific, illustrative examples for each factor. Responses must be limited to 500 words per factor. Any additional words above the limit will neither be read nor scored.Factor 1:    Work Experience                             (14 Points)Demonstrated experience in the implementation of laws, regulations, and directives to exercise responsibilities for information security, identifying minimal information security controls, specifying compliance reporting rules and procedures, and providing other essential requirements and guidance in the areas of cyber security, certification and accreditation of systems, incidence and violation response, technical risk analysis on information systems’ configuration which affects information security specified in federal mandates.Factor 2:    Specialized Experience                         (14 points)Demonstrated ability in conducting compliance reporting on IT systems, software applications, and cloud networks.  Performing vulnerability scanning, penetration testing, security assessments, and performing authorizations and accreditations of cloud-based systems.Factor 3:    Management experience                         (14 points)Demonstrated successful supervisory experience in the information technology field, preferably in a multicultural environment. Supervision of IT specialists at different levels and with different areas of knowledge.  Demonstrated experience managing of multiple projects with competing priorities.Factor 4:    Leadership Experience                         (14 points)Demonstrated ability to interact effectively with technical and non-technical personnel and work with customers and IT technicians leading them to agree in methods/processes and systems requirements.Factor 5:    Department Experience                         (14 points)Knowledge of Department of State Management regulations (FAM). Demonstrated knowledge of Diplomatic security regulations for systems.BASIS OF RATING: Offerors who clearly meet the Education/Experience Requirements will be further evaluated based on scoring of the Evaluation Factor responses. Offerors are required to address each of the Evaluation Factors in a separate document describing specifically and accurately what experience, training, education and/or awards they have received that are relevant to each factor. Failure to specifically address the Evaluation Factors may result in your not receiving credit for all of your pertinent experience, education, training and/or awards.The Offeror Rating System is as Follows: Evaluation Factors have been assigned the following points: Factor #1 – 14 points Factor #2 – 14 points Factor #3 – 14 points Factor #4 – 14 points  Factor #5 – 14 pointsTotal Possible – 70 Points Interview Performance – 30 points Satisfactory Professional Reference Checks – Pass/Fail (no points assigned)Past performance evaluation of applicant’s ability to perform under the contract.  In conducting the evaluation, the U.S. government reserves the right to utilize all evaluation information available at the time of evaluation, whether provided by the applicant or obtained from other sources. Total Possible Points: 100The most qualified candidates may be interviewed, required to provide a writing sample, and demonstrate an ability to operate commonly used office applications. INL will not pay for any expenses associated with the interviews. In addition, applications (written materials and interviews) will be evaluated based on content as well as on the applicant's writing, presentation, and communication skills. In the event that an applicant has fully demonstrated his/her qualifications and there are no other competitive applicants, INL reserves the right to forego the interview process. Professional references will be evaluated for applicants being considered for selection.COMPENSATION (BASE PAY)This position has been designated at the GS-14 equivalent level ($122,530 - $159,286 per annum). Final compensation will be negotiated within the listed market value based upon qualifications, previous relevant experience and work history, salary and educational background. Salaries, including any recruitment supplemental pay that exceeds the listed pay range, will not be entertained or negotiated.For award, INL will negotiate for this contract based on the market value as outlined above and overall experience relevant to the solicitation requirements.  BENEFITS & ALLOWANCESAS A MATTER OF POLICY, INL NORMALLY AUTHORIZES THE FOLLOWING BENEFITS AND ALLOWANCES BENEFITS - IF APPLICABLE•    Employee's FICA/Medicare Contribution•    Contribution toward Health and Life Insurance •    Pay Comparability Adjustment •    Annual Increase •    Eligibility for Worker's Compensation •    Annual, Sick and Home Leave •    401K Plan •    MEDVAC (provided by DOS Med)ALLOWANCES IN ACCORDANCE WITH DEPARTMENT OF STATE STANDARDIZED REGULATIONS (DSSR) - IF APPLICABLE •    Temporary Quarters Subsistence Allowance (TQSA) or Per Diem upon arrival at Post•    Housing Allowance•    Post Allowance•    Supplemental Post Allowance •    Maintenance Allowance (SMA)•    Education Allowance•    Educational Travel (full-time United States based secondary) •    Post Hardship Differential•    Danger Pay•    Shipment of HHE, UAB, POV and Consumables