The purpose of this position
is to serve as the BaseInformation Assurance
Manager who is the wing commander's authority
and focal point for information Assurance.
Manages the communication-computer security (COMPUSEC) program,
Electronic Key Management System (EKMS), Emission Security, and Information Assurance Awa reness
1. Serves as the WingInformation Assurance Manager. Applies Information Technology (IT) security
principles, methods, and security products
to protect and maintain the availability, integrity, confidentiality,
and accountability of information system resources and information processed throughout the system's
life cycle. Establishes and publishes base-wide policy
to manage theINFOSEC (also known as COMPUSEC) program and provides advice and guidance
in its implementation and in procedures used in the development and operation of systems.
Assists all base organizations in the development of their individualINFOSEC program.
Disseminates information and ensures
computer security practices are adhered to by all functional areas. Reviews, analyzes, and validates
certification and accreditation (C&A) packages. Continuously identifies and analyzes threats
and vulnerabilities to the information systems to maintain
an appropriate level of
protection. Ensures computer
software designs address
information system security requirements. Accomplishes risk analysis, security
testing, and certification due to modifications or changes to computer systems. Evaluates, assesses,
or locally tests and approves all hardware, software,
and firmware products
that provide security features prior to use on any accredited information system or network. Certifies all software prior to installation and use on communications and computer systems.
Executes computer security
plans and enforces mandatory access control techniques such as trusted
routers, bastion hosts, gateways, firewalls, or other methods
of information systems
Manages the Network
Security Program. Maintains required
information assurance certificationIAW DoD 8570.01-M, FederalInformation Security Management Act of 2002, Clinger Cohen Act of 1996. Implements and advises on IT security
policies and procedures to ensure protection of information transmitted to the installation, among organizations on the installation, and from the installation using Local Area Networks (LAN), Wide Area Networks (WAN), the World W ide Web, or other communications modes.
Utilizes current and future multi-level security products collectively to provide data integrity, confidentiality, authentication, non repudiation, and access control of the LAN. Reports to MAJCOM,
Air Force Communications Agency, National
Security Agency, and Air Force
Computer Emergency Response
Team all incidents
involving viruses, tampering, or unauthorized system
entry. Controls access to prevent
unauthorized persons from using network facilities. Limits access to privileged programs
(i.e., operating system, system parameter and configuration files,
and databases), utilities, and security-relevant programs/data files to authorized personnel.
Serves as the Communications Security
(COMSEC) Manager for all cryptographic activities
including managing the Cryptographic Access Program (CAP). Formulates and develops communications security criteria and requirements for inclusion in mobility, contingency, and exercise plans. Maintains accountability for sensitive cryptographic materials
and related COMSEC information.
of COMSEC materials. Maintains COMSEC inventory. Prepares and evaluates written plans for emergency actions
and ensures personnel
are fully qualified in the execution
Implements and manages the Electronic Key Management System (EKMS) program.
Performs other duties as assigned.