Department of Energy, Office of Intelligence and Counterintelligence

Solutions provided span the following Service Areas:

• Certification and Accreditation Support
• Vulnerability Management
• Audit Log Aggregation and Analysis Management
• Network Security Operations Support (ISSO)
• Cyber Security Policy Support
• Audit Preparation
• Intrusion Detection Management
• FISMA Support
• Security Awareness Training

Edgewater Federal Solutions supports the Office of Intelligence and Counterintelligence of the Department of Energy (DOE) in the area of information security. Support includes requirements definition, establishment of policies and procedures, certification and accreditation, and configuration management.
Edgewater’s support in the information security area focuses on developing and implementing INFOSEC solutions for DOE Headquarters and laboratory sites. The specific areas of work include security operations administration; certification and accreditation; vulnerability assessments; intrusion detection systems; system/security testing and evaluation; and program requirements, policies, plans, processes, and procedures. Specific tasks include the following:

• Provide certification and accreditation consulting and management in designing, drafting, and implementing a certification and accreditation process. This includes interpreting and defining DCID 6/3 requirements, designing and implementing threat matrix and test requirements, designing and implementing a workflow, and creating and maintaining a database of all accredited systems and changes to the systems.

• Provide support to the Information System Security Manager (ISSM) and the Field Intelligence Element’s (FIE) Information Systems Security Officers (ISSO), as they go through Certification & Accreditation (C&A) process. Review C&A packages for completeness and prepare final documentation for certification by the ISSM and accreditation by the Designated Approval Authority (DAA).

• Provide training to all of the cyber security personnel within the Office of Intelligence and Counterintellignece on the C&A process and their roles within it.

• Provide expertise in designing, drafting and implementing a review and assessments process for testing and evaluating systems and applications undergoing certification and accreditation. Conduct the tests, prepare written evaluation, recommend corrective actions and/or identify and recommend improvements.

• Conduct vulnerability scanning with and without specialized tools, monitor intrusion detection systems, and provide security advice and guidance as needed/requested. Review each FIE's results with the FIE ISSO for identification of false positives and the resolution of valid vulnerabilities that have been found.

• Consolidate all audit logs on a nation Wide Area Network (WAN) into one automated system that provides both DOE Headquarters and the individual FIE alerts to suspicious conditions and anomolies within the system. These alerts are reported on a weekly basis unless they become incidents; in which case they are immediately reported and investigated.

• Provide direct ISSO support to the Office of Intelligence, Headquarters staff. This support consists of the standard ISSO duties of Access Control (approving, suspending, deleting accounts), media and information management (upload/download approvals, sanitization/destruction of media and other memory devices, disposal of old equipment), and initial incident investigations.

• Serve as the Executive Secretariat for the Information Security Review Board, responsible for ensuring that final policy documents are posted on the Office of Intelligence's Security web page and for creating, maintaining and populating a policy database.

• Draft, coordinate and prepare (for final dissemination) cyber security policies, procedures, delegated authorities and responsibilities for the security of information stored in, processed by or communicated through the sensitive networks and information systems that process classified information.

• Identify emerging issues within the Intelligence Community that affect Office of Intelligence and prepare draft position papers for discussion at the Information Security Review Board.

• Provide expertise to the FIEs to prepare them for independent oversight audits. Also provide personnel for Staff Assistance Visits upon the request of the FIE ISSO.

• Monitor and analyze intrusion detection and auditing data across the network, prepare analytical and trend reports. Serve as the Computer Incident Response Team Technical lead.

• Track all Program of Actions and Milestones (POA&M) items for all systems accredited by the DAA. Review all independent oversight reports of Headquarters and FIEs and enter their findings into the POA&M database for tracking their resolution.The results of the tracking are reported to the DAA on a monthly basis and the FISMA representative to the Intelligence Community on a quarterly basis.

• Provide all initial Cyber Security Awareness Training to all new members of the Headquarter's office. Provide refresher training to the FIE ISSOs in a train-the-trainer environment so that they can train their site's personnel.